US7100049B2 - Method and apparatus for authentication of users and web sites - Google Patents

Method and apparatus for authentication of users and web sites Download PDF

Info

Publication number
US7100049B2
US7100049B2 US10/435,322 US43532203A US7100049B2 US 7100049 B2 US7100049 B2 US 7100049B2 US 43532203 A US43532203 A US 43532203A US 7100049 B2 US7100049 B2 US 7100049B2
Authority
US
United States
Prior art keywords
user
cookie
customization information
web page
providing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
US10/435,322
Other versions
US20040168083A1 (en
Inventor
Louis A Gasparini
Charles E Gotlieb
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
EMC Corp
Original Assignee
RSA Security LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by RSA Security LLC filed Critical RSA Security LLC
Priority to US10/435,322 priority Critical patent/US7100049B2/en
Assigned to PASSMARK SECURITY, LLC reassignment PASSMARK SECURITY, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: GOTLIEB, CHARLES E., GASPARINI, LOUIS A.
Priority to CA002525121A priority patent/CA2525121A1/en
Priority to JP2006501305A priority patent/JP2006525563A/en
Priority to EP04760929A priority patent/EP1625690B1/en
Priority to AT04760929T priority patent/ATE391951T1/en
Priority to DE602004012996T priority patent/DE602004012996T2/en
Priority to AU2004239738A priority patent/AU2004239738B2/en
Priority to PCT/US2004/014379 priority patent/WO2004102338A2/en
Publication of US20040168083A1 publication Critical patent/US20040168083A1/en
Priority to US11/050,549 priority patent/US7730321B2/en
Priority to US11/088,349 priority patent/US7562222B2/en
Priority to US11/112,938 priority patent/US8751801B2/en
Priority to US11/112,059 priority patent/US8132011B2/en
Priority to US11/511,998 priority patent/US7346775B2/en
Publication of US7100049B2 publication Critical patent/US7100049B2/en
Application granted granted Critical
Assigned to RSA SECURITY INC. reassignment RSA SECURITY INC. MERGER (SEE DOCUMENT FOR DETAILS). Assignors: PASSMARK SECURITY, INC., A DELAWARE CORPORATION
Priority to US11/701,309 priority patent/US7966492B1/en
Assigned to EMC CORPORATION reassignment EMC CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: RSA SECURITY HOLDING, INC.
Assigned to RSA SECURITY HOLDING, INC. reassignment RSA SECURITY HOLDING, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: RSA SECURITY LLC
Assigned to RSA SECURITY LLC reassignment RSA SECURITY LLC MERGER (SEE DOCUMENT FOR DETAILS). Assignors: RSA SECURITY INC
Assigned to EMC CORPORATION reassignment EMC CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: RSA SECURITY HOLDING, INC.
Assigned to RSA SECURITY HOLDING, INC. reassignment RSA SECURITY HOLDING, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: RSA SECURITY LLC
Assigned to THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT reassignment THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT SECURITY AGREEMENT Assignors: ASAP SOFTWARE EXPRESS, INC., AVENTAIL LLC, CREDANT TECHNOLOGIES, INC., DELL INTERNATIONAL L.L.C., DELL MARKETING L.P., DELL PRODUCTS L.P., DELL SOFTWARE INC., DELL SYSTEMS CORPORATION, DELL USA L.P., EMC CORPORATION, EMC IP Holding Company LLC, FORCE10 NETWORKS, INC., MAGINATICS LLC, MOZY, INC., SCALEIO LLC, SPANNING CLOUD APPS LLC, WYSE TECHNOLOGY L.L.C.
Assigned to CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT reassignment CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT SECURITY AGREEMENT Assignors: ASAP SOFTWARE EXPRESS, INC., AVENTAIL LLC, CREDANT TECHNOLOGIES, INC., DELL INTERNATIONAL L.L.C., DELL MARKETING L.P., DELL PRODUCTS L.P., DELL SOFTWARE INC., DELL SYSTEMS CORPORATION, DELL USA L.P., EMC CORPORATION, EMC IP Holding Company LLC, FORCE10 NETWORKS, INC., MAGINATICS LLC, MOZY, INC., SCALEIO LLC, SPANNING CLOUD APPS LLC, WYSE TECHNOLOGY L.L.C.
Assigned to EMC IP Holding Company LLC reassignment EMC IP Holding Company LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: EMC CORPORATION
Assigned to THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A. reassignment THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A. SECURITY AGREEMENT Assignors: CREDANT TECHNOLOGIES, INC., DELL INTERNATIONAL L.L.C., DELL MARKETING L.P., DELL PRODUCTS L.P., DELL USA L.P., EMC CORPORATION, EMC IP Holding Company LLC, FORCE10 NETWORKS, INC., WYSE TECHNOLOGY L.L.C.
Assigned to THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A. reassignment THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A. SECURITY AGREEMENT Assignors: CREDANT TECHNOLOGIES INC., DELL INTERNATIONAL L.L.C., DELL MARKETING L.P., DELL PRODUCTS L.P., DELL USA L.P., EMC CORPORATION, EMC IP Holding Company LLC, FORCE10 NETWORKS, INC., WYSE TECHNOLOGY L.L.C.
Assigned to DELL INTERNATIONAL, L.L.C., CREDANT TECHNOLOGIES, INC., SCALEIO LLC, DELL SYSTEMS CORPORATION, AVENTAIL LLC, EMC IP Holding Company LLC, DELL USA L.P., MOZY, INC., ASAP SOFTWARE EXPRESS, INC., DELL SOFTWARE INC., EMC CORPORATION, DELL PRODUCTS L.P., MAGINATICS LLC, WYSE TECHNOLOGY L.L.C., DELL MARKETING L.P., FORCE10 NETWORKS, INC. reassignment DELL INTERNATIONAL, L.L.C. RELEASE BY SECURED PARTY (SEE DOCUMENT FOR DETAILS). Assignors: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH
Assigned to DELL PRODUCTS L.P., DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), DELL USA L.P., EMC IP HOLDING COMPANY LLC (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MOZY, INC.), SCALEIO LLC, DELL INTERNATIONAL L.L.C., EMC CORPORATION (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MAGINATICS LLC), DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.), DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.) reassignment DELL PRODUCTS L.P. RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001) Assignors: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT
Assigned to DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.), EMC CORPORATION (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MAGINATICS LLC), DELL INTERNATIONAL L.L.C., SCALEIO LLC, DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), EMC IP HOLDING COMPANY LLC (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MOZY, INC.), DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.), DELL PRODUCTS L.P., DELL USA L.P. reassignment DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.) RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001) Assignors: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Definitions

  • the present invention is related to computer security and more specifically to computer security for the World Wide Web.
  • the Internet and the World Wide Web allow users to communicate with software operating at various sites on the Web. However, it may be helpful to allow one or both of these entities to ensure that the other entity with whom the entity is communicating really is that other entity.
  • the web site may provide access to sensitive information of the entity with which it falsely believes it is communicating. It may cause the transfer of securities, the shipment of products or the delivery of services to the different entity in the name of the entity with which it believes it is communicating. For example, some operators of web sites lose significant amounts of money by shipping products or transferring cash or other securities to thieves who falsely identify themselves to the web site as a registered user.
  • the web pages provided by the web site paypai.com are then made to look like the web site paypal.com, and when the user attempts to log in, the user's username and password are captured by the thief's web site. The thief then logs into paypal.com using the user's username and password thus received and authorizes the transfer of money from the user's account into an account controlled by the thief.
  • the thief provides to the user a link containing what appears to be a URL of the actual site, but in fact is a command to log into the thief's site.
  • a link that reads “http://” appended to “www.paypal.com/%sdafghdgk%fdsgsdhdsh . . . ” may appear to be a genuine link to paypal.com, with a long list of parameters that extend off the end of the URL window in the user's browser.
  • the above link actually terminates with “. . .
  • @paypai.com which causes the user to be logged into the web site paypai.com using as a username, the set of characters to the left of the “@” sign.
  • the web site paypai.com allows any such username to log into the web site, and then operates as described above, presenting a replica of the paypal.com user interface to the user that allows the user to log on to the application software at the thief's web site (even though the phony username has been provided via the link), which then uses the username and password thus received to log onto the real paypal.com web site and make the transfer.
  • a dishonest operator of a web site mislead a user into believing that a web site is authentic
  • a dishonest user can mislead an authentic web site into believing that the user is authentic.
  • confidential information from a user can be captured and then used to cause the web site to believe it is dealing with that user.
  • Some web sites place cookies on the user's computer and these cookies could be used to attempt to verify the possibility that the person attempting to log in is in fact that person.
  • a cookie can be faked by a thief to indicate that the thief's computer system is the computer system of a user the thief is attempting to impersonate.
  • What is needed is a system and method that can securely authenticate a user to a web site, easily authenticate the web site to the user without requiring the user to use complex authentication procedures, or both.
  • a system and method provides an encrypted, signed cookie on a user's computer system to allow the web site to identify and authenticate the user.
  • customization information is associated with an identifier of the user to allow the user to recognize that the web site is authentic.
  • the cookie is retrieved by the web site and the signature may be checked to authenticate the user.
  • An identifier in the cookie may be used to identify the user and allow the web site to provide the customization information the user can recognize to authenticate the web site.
  • the user can then use a site that provides the customization information the user is expecting. If the customization information is missing or different, the user can refuse to provide confidential information to that web site, or refuse to believe information provided by the web site thus protecting his or her username and password and other confidential information from a thief.
  • FIG. 1 is a block schematic diagram of a conventional computer system.
  • FIG. 2 is a block schematic diagram of a system for allowing a user to authenticate a web site and the web site to authenticate the user according to one embodiment of the present invention.
  • FIG. 3A is a flowchart illustrating a method of registering a user to allow the user to authenticate a web site and the web site to authenticate the user according to one embodiment of the present invention.
  • FIG. 3B is a flowchart illustrating a method of allowing a web site to authenticate a user and/or allowing the user to authenticate the web site according to one embodiment of the present invention.
  • FIG. 4 is a flowchart illustrating a method of authenticating some or all of a web site by a user according to one embodiment of the present invention.
  • the present invention may be implemented as computer software on a conventional computer system.
  • a conventional computer system 150 for practicing the present invention is shown.
  • Processor 160 retrieves and executes software instructions stored in storage 162 such as memory, which may be Random Access Memory (RAM) and may control other components to perform the present invention.
  • Storage 162 may be used to store program instructions or data or both.
  • Storage 164 such as a computer disk drive or other nonvolatile storage, may provide storage of data or program instructions. In one embodiment, storage 164 provides longer term storage of instructions and data, with storage 162 providing storage for data or instructions that may only be required for a shorter time than that of storage 164 .
  • Input device 166 such as a computer keyboard or mouse or both allows user input to the system 150 .
  • Output 168 allows the system to provide information such as instructions, data or other information to the user of the system 150 .
  • Storage input device 170 such as a conventional floppy disk drive or CD-ROM drive accepts via input 172 computer program products 174 such as a conventional floppy disk or CD-ROM or other nonvolatile storage media that may be used to transport computer instructions or data to the system 150 .
  • Computer program product 174 has encoded thereon computer readable program code devices 176 , such as magnetic charges in the case of a floppy disk or optical encodings in the case of a CD-ROM which are encoded as program instructions, data or both to configure the computer system 150 to operate as described below.
  • each computer system 150 is a conventional SUN MICROSYSTEMS ULTRA 10 workstation running the SOLARIS operating system commercially available from SUN MICROSYSTEMS, Inc. of Mountain View, Calif., a PENTIUM-compatible personal computer system such as are available from DELL COMPUTER CORPORATION of Round Rock, Tex. running a version of the WINDOWS operating system (such as 95, 98, Me, XP, NT or 2000) commercially available from MICROSOFT Corporation of Redmond Wash. or a Macintosh computer system running the MACOS or OPENSTEP operating system commercially available from APPLE COMPUTER CORPORATION of Cupertino, Calif. and the NETSCAPE browser commercially available from NETSCAPE COMMUNICATIONS CORPORATION of Mountain View, Calif. or INTERNET EXPLORER browser commercially available from MICROSOFT above, although other systems may be used.
  • SOLARIS operating system commercially available from SUN MICROSYSTEMS
  • FIG. 2 a system 200 for allowing a user to authenticate a web site and the web site to authenticate the user is shown according to one embodiment of the present invention.
  • both of these functions are described herein, in one embodiment, one of these functions may be used without the other: it is not necessary to employ both functions according to the present invention, although other embodiments employ both functions.
  • System 200 includes one or more servers and one or more clients, a representative server 202 and client 260 being shown, although multiple clients may access server 202 simultaneously or at different times and multiple servers may be simultaneously used.
  • Server 202 is shown with a superset of components, and there may be multiple servers, each with the superset of components shown or a subset of them.
  • Communication interface 210 is a conventional communication interface that supports Ethernet, TCP/IP or other conventional communication protocols.
  • Communication into and out of client 260 is made via input/output 258 of communication interface 262 , which includes a conventional communication interface similar or identical to communication interface 210 , but may also contain conventional circuitry to couple to a conventional keyboard/monitor/mouse (not shown), or other similar conventional input/output device, via input/output 256 .
  • Communication interface 262 may be coupled to network 254 via a modem coupled to input/output 258 that is also part of communication interface 262 .
  • a registration process is performed to identify customization information for each user to allow the user to perceptively authenticate the web site as described in more detail below.
  • perceptive authentication may include anything capable of detection by the user, such as the look of one or more web pages, one or more sounds provided incident thereto, smell, touch, or taste.
  • a photo of the user may appear on the initial web site log on page, and optionally on subsequent pages, to indicate to the user that the page is authentic.
  • a certain text phrase may be used in place of, or in addition to the photo.
  • a sound known to the user may be used in addition to, or in place of, any of these.
  • the registration process associates an identifier of the user with the customization information that will be provided to the user to allow the user to authenticate the web site as will now be described.
  • the user provides or selects the customization information, although in another embodiment a system administrator performs this function and then informs the user of the customization information.
  • the user uses a conventional browser 264 , communication interface 262 and network 254 to log into the server 202 via a request for a web page received via communication interface 210 , which, based on the port number of the request, is provided to web application 240 .
  • browser 264 is used as described herein, other embodiments may employ operating system software, a servlet, or other application software.
  • Web application 240 redirects the user's browser to a secure sockets layer port on server 202 (or a different server similar or identical to server 202 described herein), and the user's browser 264 resends the request via a secure sockets layer connection, which communication interface 210 provides to encrypted communication manager 212 .
  • Encrypted communication manager 212 uses conventional SSL processing techniques to establish the connection, receive the request and decrypt the request, and provides the decrypted request to web application 240 .
  • Web application 240 attempts to read a cookie that may have been stored in cookie storage 266 and, if so stored, was provided to the server 202 by browser 264 as part of the connection. In one embodiment, if the cookie does not exist (or in another embodiment, in all cases), web application 240 builds a web page (which may also allow the user to log in as described below) that includes a link to a registration page provided by registration manager 222 . If the user clicks the link, the user's browser 264 will request the registration page, which may use the SSL connection described above or a different SSL connection. Communication interface 210 will receive the request and provide it to registration manager 222 via an SSL connection via encrypted communication manager 212 and registration manager 222 provides the page via communication interface 210 and encrypted communication manager 212 which uses the SSL connection.
  • the user may provide sufficient indicia to indicate that the user is who the user says he is. This process is enforced by registration manager 222 although it may be performed in a wide variety of ways.
  • the web page provided by registration manager 222 requires for registration the username and/or password of a person who has verified the identity of the party, which registration manager 222 has previously stored in database 224 so that the provided username and/or password may be compared by registration manager 222 with a set of authorized usernames and passwords to determine whether the user had provided sufficient indicia of his identity.
  • registration manager 222 prompts the user for another set of one or more identifiers that have been provided to the user through out-of-band means, such as mail, fax or telephone, or via another web connection or an e-mail message and that were previously generated and provided to the user by registration manager 222 .
  • the user may provide such sufficient indicia of identity without such other system-provided information.
  • This may be a user identifier and password, but may also be a mother's maiden name, or other information that had been previously collected from the user or another source and stored in database 224 .
  • a challenge and response arrangement may be used in which one or more questions are randomly selected and provided to the user by registration manager 222 and registration manager receives the responses and compares the responses to the questions (e.g. pets name) to a record in database 224 that correspond with a username (and optionally a password) that is also provided by the user to registration manager 222 via the same web page form or a different web page form that is provided by registration manager.
  • the username or username and password provided by the user to registration manager 222 via a web page form it generates in response to the request may be a sufficient indicia of identification.
  • the user need not authenticate himself to registration manager 222 and in such embodiment, sufficient indicia of identification is the fact that the party is connected to the web site at a certain time, from a specific IP address or otherwise.
  • registration manager 222 Once it receives sufficient indicia of identification from the user, registration manager 222 generates, or uses an existing, identifier for the user (which may be the same as the username or other identifier that was supplied by the user, or one that corresponds to the record in the database 224 that holds other information for the user) and stores the identifier in a record for the user in database 224 if the identifier is not already stored in any such record that may already exist for that user.
  • an existing, identifier for the user which may be the same as the username or other identifier that was supplied by the user, or one that corresponds to the record in the database 224 that holds other information for the user
  • the user provides customization information.
  • registration manager 222 prompts the user to select from a predefined list, or provide customization information some or all of which can be presented to the user when the user is requested to provide confidential or other information to the web site.
  • a system administrator can select or provide the customization information for a user in another embodiment.
  • Customization information may be anything that the user can use to recognize that the web site is authentic. It may be any number of any of the following: a photo, a graphic, a color, a layout, a message, a sound, a smell, or anything that may be sensed by touch.
  • the customization information may be selected from a list or may be original information that is provided by the user who will use it to identify the authenticity of the web site, such as a digital photo of himself.
  • the customization information need not be static: it may be a formula, such as “Today is @date”, where “@date” is replaced by that day's date, or “Only (@5 May-today) days until your birthday” in which the number of days until the following fifth of May is substituted for “(@5 May-Today)”.
  • Registration manager 222 provides a web page to allow the user to select or provide any number of any of the above items and then stores the items or indications of the items in the database record for the user in database 224 .
  • registration manager 222 generates or selects (i.e. randomly) such customization information and provides it to the user and stores it in the database record.
  • the customization information may be provided via the-web page or out of band as described above.
  • registration manager 222 provides, or prompts and receives the customization information via encrypted communication manager 212 which initiates and uses a secure communication channel such as SSL-encrypted communications, to provide, or prompt and receive the customization information to prevent others from intercepting the customization information.
  • a secure communication channel such as SSL-encrypted communications
  • a cookie is encrypted, signed and stored.
  • Registration manager 224 also initiates the storage of a signed, encrypted cookie on the user's computer system. Such storage may be performed at any time after the user has provided the sufficient indicia of the user's identity as described above, and may be performed either before, after or in place of, the identification of customization information described above.
  • cookie builder 230 To build and store the cookie, registration manager 224 provides to cookie builder 230 the identifier of the user stored in the user's record in database 224 as described above.
  • Cookie builder 230 includes the user identifier into the cookie and may add other status information to the cookie and provides the identifier and the other information to cookie signer 232 , which signs the cookie using conventional cryptographic techniques, such as by hashing the identifier, and optionally the other information, using a secret hash key to produce a hash result referred to herein as the cookie signature.
  • Cookie signer 232 provides the cookie signature, identifier and optionally, the other information, collectively referred to as the cookie, to cookie encryptor 234 , which encrypts the cookie using conventional encryption techniques, such as using the public key of a public key/private key pair or using a symmetric key.
  • Cookie encryptor 234 then causes browser 264 to store the encrypted cookie in cookie storage 266 on the user's client computer system 260 via encrypted communication manager 212 , communication interface 210 network 254 communication interface 262 optionally using an SSL connection, such as the connection used for registration as described above.
  • Cookie storage 266 may be conventional memory or disk storage and may be a portion thereof used for the storage of cookies, and may be part of the client computer system 260 or may reside in a removeable device such as a smart card, USB memory token a portable memory device that interfaces to a personal computer through a USB port, such as the USB Memory Key commercially available from Dell Computer Systems of Round Rock, Texas) or the like.
  • a removeable device such as a smart card, USB memory token a portable memory device that interfaces to a personal computer through a USB port, such as the USB Memory Key commercially available from Dell Computer Systems of Round Rock, Texas) or the like.
  • USB memory token a portable memory device that interfaces to a personal computer through a USB port, such as the USB Memory Key commercially available from Dell Computer Systems of Round Rock, Texas
  • a cookie is used as described herein, other embodiments may employ types of encrypted files, certificates or other similar data structures.
  • the user's client computer system 260 need not be used for the initial registration. Instead, the registration process may be performed in two parts: the first part allows the user to select customization information as described above from a specific set of browsers with known IP addresses or authenticated using a system administrator user, identifier and password. The second part allows the user to log in using the indicia of the user's identity as described above from his own browser, at which time the encrypted cookie is placed on the user's client computer system 260 .
  • Web application 240 may authenticate the user, provide customization information to allow the user to authenticate the web site, or both, as will now be described.
  • web application 240 reads the encrypted cookie provided by browser 264 from cookie storage 266 , such cookie being placed in cookie storage 266 as described herein.
  • Web application 240 passes the encrypted cookie to user authenticator 242 , which decrypts the encrypted cookie, and then separates the signature from the remainder of the cookie.
  • User authenticator 242 verifies that the signature corresponds to the remainder of the cookie (e.g. by rehashing the remainder of the cookie using the same hash algorithm and hash key as was used to build the signature, and comparing the hash result to the signature) and either provides web application 240 with the user's identifier and other information that may be stored in cookie if user authenticator 242 authenticates the user via the signature (e.g. the hash result it generates matches the signature), or indicates that the cookie is not valid (e.g. if the hash result user authenticator 242 generates does not match the signature).
  • web application 240 may deny access to some or all of the web site. Otherwise, web application 240 receives the user identifier and uses the user identifier to operate web application 240 and/or provide customization information, selected as described herein, to the user.
  • Customization information may be provided with every web page provided by web application 240 , some web pages, with web pages that are displayed to provide confidential information to the user, with web pages used to request any information from the user, or with web pages that are used to request confidential information from the user or any combination of some or all of these.
  • Confidential information may include information that can be used to gain access to financial or other resources of the operator of the web site or the user, or other information that a user may not wish others to know.
  • Customization information may be provided as part of web pages described above, or it may be provided separately.
  • web application 240 provides to customization information provider 244 the user identifier received as described above and the contents of a web page that has the customization information omitted, optionally with one or more indications in the web page that describe how and where to insert the customization information into the web page, along with the user's IP address and other information that can be used to address the web page.
  • Customization information provider 244 retrieves from database 224 the customization information stored in the record corresponding to the user identifier, and provides the customization information, for example by adding it to the web page it receives from web application 240 in accordance with instructions received with, or as part of the web page or by providing it at a certain place in the web page, and provides to the user the customization information with any web page it receives using the user's IP address it receives.
  • the customization information may be provided by customization information provider 244 out of band, such as by calling the user's mobile telephone and instructing the user that the web page is authentic by playing a recording of the user's voice, a favorite song, a prerecorded message or otherwise.
  • the out of band customization information can be provided via output 243 , which may be coupled to a conventional telephone line, with customization information provider 244 containing a suitable interface.
  • the user may use it to authenticate the web site, and withhold providing information or using the web site if the customization is missing or different from the customization information the user selected or provided as described above. If the customization information is what was registered as described herein, the user may provide confidential information via web pages provided by web application 240 , believe information received therefrom, or both.
  • customization information is described herein as having a single instance for each user, multiple, different instances of customization information may be registered for each of some or all of the users, with each instance of customization information having a different meaning, e.g. one instance may mean that it is OK for the user to provide secure information, and a different instance of customization information for the same user to mean that information on the page has been validated as having been provided from an authentic source.
  • Association of each instance of the customization information with the identifier of the user can be performed as described herein, along with an identifier of the instance, and each instance of customization information for a user may be perceptively different from the other instances for that user.
  • Web application 240 then provides to customization information provider 244 the identifier of the user and an identifier of the instance of customization information that should be provided, and customization information provider 244 uses the identifier of the user and the identifier of the instance to retrieve and provide to the user the proper instance of customization information in the same manner as was described above for the single instance of customization information for each user.
  • Database may be Centralized
  • database 224 does not reside in server 202 but instead is replaced by database 224 A that is accessible to more than one server 202 via network 254 and otherwise operates as database 224 .
  • Each such more than one server may serve the same web site as server 202 or a different web site.
  • each server 202 uses a number that is unique among the various servers for the same user, such as a web site number or server number appended to a user identifier, such as a social security number of the user, to access a user's record in database 224 A.
  • customization information provider 244 A that is accessible to multiple servers 202 may be used in place of customization information provider 244 so that the servers 202 do not have access to the customization information of the user.
  • Customization information provider 244 A operates in the same manner as customization information provider 244 to send to the user the customization information with the web page.
  • either database 224 A or customization information provider 244 A, and web application 240 or customization information provider 244 use conventional authentication techniques to authenticate requests for customization information or requests to send a web page with customization information.
  • authentication techniques may include passwords, digital certificates or other conventional techniques.
  • requests may be sent via encrypted communication manager 212 so that conventional SSL connections may be used to enhance security.
  • FIG. 3A a flowchart illustrating a method of registering a user to allow the user to authenticate a web site, the web site to authenticate the user, or both, is shown according to one embodiment of the present invention.
  • An indicia of a users identity may be generated and provided 310 as described above.
  • the indicia provided in step 310 may be provided via the Internet or out of band (e.g. not via the Internet) as described above in one embodiment, and in another embodiment, step 310 may be omitted.
  • Secure communications are optionally established 312 with the user.
  • Sufficient indicia of the user's identify are requested and an indicia of the user's identity is received 314 . If the indicia is not sufficient 316 , access to some or all of the remainder of the steps of FIG. 3A is denied 318 and the method continues at step 314 , and otherwise 316 , the method continues at step 320 .
  • Step 320 the user is prompted to select or provide customization information as described above and the customization information is received.
  • Step 320 may be performed via a secure communication channel, such as the SSL-encrypted Internet connection established in step 312 .
  • Customization information may include user-provided content or an indication of one or more pieces of server-supplied content that will be associated with an identifier of the user.
  • Customization information is stored 322 with an identifier of the user, which may be supplied by the user, looked up from the indicia received in step 314 or generated as part of step 322 .
  • a cookie is built 324 using the user identifier as described above and the cookie is signed 326 , encrypted 328 and stored on the user's system 330 and the method continues at step 310 .
  • FIG. 3B a flowchart illustrating a method of allowing a web site to authenticate a user and/or allowing the user to authenticate the web site is shown according to one embodiment of the present invention.
  • the steps of FIG. 3B may be performed after some or all of the steps of FIG. 3A .
  • a request for a web page is received 340 and an encrypted cookie is read 342 from the device from which the request was received and the cookie is decrypted.
  • a signature in the decrypted cookie is checked 344 as described above, and if the signature on the cookie indicates that the cookie is not authentic 346 , access to the requested web page may be denied 348 and the method continues at step 340 , and otherwise 346 , the method continues at step 350 .
  • step 350 if the request is a request for a web page that will not request confidential information or provide information that the user may want an indicia of authentication, the requested web page may be provided 352 and the method continues at step 340 , and otherwise 350 , the method continues at step 354 .
  • the test of step 350 is not performed and step 354 follows the “OK” branch of step 350 unconditionally.
  • a user identifier stored in the cookie retrieved in step 342 is used to retrieve customization information associated with that user identifier as described above and the customization information may be optionally incorporated into the requested web page 356 and the web page and customization information are provided, either via a secure connection, if the customization information is provided over the same connection as the web page, or the customization information may be provided out of band as described above 358 .
  • FIG. 4 a method of authenticating some or all of a web site by a user is shown according to one embodiment of the present invention.
  • Sufficient indicia of identity is optionally received (e.g. out of band) and provided as described above 410 .
  • Customization information is identified, such as providing it, selecting it or receiving it as described above 412 .
  • An encrypted, signed cookie may be received and stored as described above 414 .
  • a request for a web page is provided, and optionally, the encrypted, signed cookie is provided 416 .
  • the web page and optionally, certain customization information is received 418 and the customization information is compared 420 to what was provided or selected in step 412 . If the customization information received corresponds 422 to that which was identified in step 412 (e.g. because it matches), information may be received and believed or provided 426 and otherwise, the user may refuse to receive or believe the information received or refuse to provide information requested 426 .

Abstract

A system and method allows a user to authenticate a web site, a web site to authenticate a user, or both. When a user requests a web page from the web site, customization information that is recognizable to the user is provided to allow the user to authenticate the web site. A signed, encrypted cookie stored on the user's system allows the web site to authenticate the user.

Description

RELATED APPLICATIONS
This application claims the benefit of U.S. provisional patent application No. 60/379,295 entitled “Smart Marks” filed on May 10, 2002 by Louis Gasparini and is hereby incorporated by reference in its entirety.
FIELD OF THE INVENTION
The present invention is related to computer security and more specifically to computer security for the World Wide Web.
BACKGROUND OF THE INVENTION
The Internet and the World Wide Web allow users to communicate with software operating at various sites on the Web. However, it may be helpful to allow one or both of these entities to ensure that the other entity with whom the entity is communicating really is that other entity.
If the web site believes it is communicating with one entity, but it is in fact communicating with a different entity, it may provide access to sensitive information of the entity with which it falsely believes it is communicating. It may cause the transfer of securities, the shipment of products or the delivery of services to the different entity in the name of the entity with which it believes it is communicating. For example, some operators of web sites lose significant amounts of money by shipping products or transferring cash or other securities to thieves who falsely identify themselves to the web site as a registered user.
Many of these thieves trick the users into providing confidential information that the thief can use to identify herself as a registered user, by appearing to the user as if a web site operated by the thief is in fact a web site with which the user has registered. For example, a thief may send out a batch of e-mails inviting the user to log on to paypal.com with a link to the web site paypal.com, hoping that the recipient of the e-mail is registered at the financial web site paypal.com. However, the thief capitalizes the last letter in her site to read paypal.com, hoping the ‘I’ looks like the lower case last letter ‘I’ in “paypal”. The web pages provided by the web site paypai.com are then made to look like the web site paypal.com, and when the user attempts to log in, the user's username and password are captured by the thief's web site. The thief then logs into paypal.com using the user's username and password thus received and authorizes the transfer of money from the user's account into an account controlled by the thief.
In another variation of the scam, the thief provides to the user a link containing what appears to be a URL of the actual site, but in fact is a command to log into the thief's site. For example, a link that reads “http://” appended to “www.paypal.com/%sdafghdgk%fdsgsdhdsh . . . ” may appear to be a genuine link to paypal.com, with a long list of parameters that extend off the end of the URL window in the user's browser. Unknown to the user, the above link actually terminates with “. . . @paypai.com”, which causes the user to be logged into the web site paypai.com using as a username, the set of characters to the left of the “@” sign. The web site paypai.com allows any such username to log into the web site, and then operates as described above, presenting a replica of the paypal.com user interface to the user that allows the user to log on to the application software at the thief's web site (even though the phony username has been provided via the link), which then uses the username and password thus received to log onto the real paypal.com web site and make the transfer.
To combat this problem, some web sites provide a certificate to allow the user to verify that the web site is authentic, but the procedures for performing such authentication are complex, cumbersome and unknown to most users. Thus, conventional methods that could be used to allow a user to authenticate the web site are ineffective because they are too difficult to use.
Not only can a dishonest operator of a web site mislead a user into believing that a web site is authentic, a dishonest user can mislead an authentic web site into believing that the user is authentic. As described above, confidential information from a user can be captured and then used to cause the web site to believe it is dealing with that user. Some web sites place cookies on the user's computer and these cookies could be used to attempt to verify the possibility that the person attempting to log in is in fact that person. However, a cookie can be faked by a thief to indicate that the thief's computer system is the computer system of a user the thief is attempting to impersonate.
What is needed is a system and method that can securely authenticate a user to a web site, easily authenticate the web site to the user without requiring the user to use complex authentication procedures, or both.
SUMMARY OF INVENTION
A system and method provides an encrypted, signed cookie on a user's computer system to allow the web site to identify and authenticate the user. In addition, or alternatively, customization information is associated with an identifier of the user to allow the user to recognize that the web site is authentic. When the user requests a web page, the cookie is retrieved by the web site and the signature may be checked to authenticate the user. An identifier in the cookie may be used to identify the user and allow the web site to provide the customization information the user can recognize to authenticate the web site. The user can then use a site that provides the customization information the user is expecting. If the customization information is missing or different, the user can refuse to provide confidential information to that web site, or refuse to believe information provided by the web site thus protecting his or her username and password and other confidential information from a thief.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block schematic diagram of a conventional computer system.
FIG. 2 is a block schematic diagram of a system for allowing a user to authenticate a web site and the web site to authenticate the user according to one embodiment of the present invention.
FIG. 3A is a flowchart illustrating a method of registering a user to allow the user to authenticate a web site and the web site to authenticate the user according to one embodiment of the present invention.
FIG. 3B is a flowchart illustrating a method of allowing a web site to authenticate a user and/or allowing the user to authenticate the web site according to one embodiment of the present invention.
FIG. 4 is a flowchart illustrating a method of authenticating some or all of a web site by a user according to one embodiment of the present invention.
DETAILED DESCRIPTION OF THE A PREFERRED EMBODIMENT
The present invention may be implemented as computer software on a conventional computer system. Referring now to FIG. 1, a conventional computer system 150 for practicing the present invention is shown. Processor 160 retrieves and executes software instructions stored in storage 162 such as memory, which may be Random Access Memory (RAM) and may control other components to perform the present invention. Storage 162 may be used to store program instructions or data or both. Storage 164, such as a computer disk drive or other nonvolatile storage, may provide storage of data or program instructions. In one embodiment, storage 164 provides longer term storage of instructions and data, with storage 162 providing storage for data or instructions that may only be required for a shorter time than that of storage 164. Input device 166 such as a computer keyboard or mouse or both allows user input to the system 150. Output 168, such as a display or printer, allows the system to provide information such as instructions, data or other information to the user of the system 150. Storage input device 170 such as a conventional floppy disk drive or CD-ROM drive accepts via input 172 computer program products 174 such as a conventional floppy disk or CD-ROM or other nonvolatile storage media that may be used to transport computer instructions or data to the system 150. Computer program product 174 has encoded thereon computer readable program code devices 176, such as magnetic charges in the case of a floppy disk or optical encodings in the case of a CD-ROM which are encoded as program instructions, data or both to configure the computer system 150 to operate as described below.
In one embodiment, each computer system 150 is a conventional SUN MICROSYSTEMS ULTRA 10 workstation running the SOLARIS operating system commercially available from SUN MICROSYSTEMS, Inc. of Mountain View, Calif., a PENTIUM-compatible personal computer system such as are available from DELL COMPUTER CORPORATION of Round Rock, Tex. running a version of the WINDOWS operating system (such as 95, 98, Me, XP, NT or 2000) commercially available from MICROSOFT Corporation of Redmond Wash. or a Macintosh computer system running the MACOS or OPENSTEP operating system commercially available from APPLE COMPUTER CORPORATION of Cupertino, Calif. and the NETSCAPE browser commercially available from NETSCAPE COMMUNICATIONS CORPORATION of Mountain View, Calif. or INTERNET EXPLORER browser commercially available from MICROSOFT above, although other systems may be used.
Referring now to FIG. 2, a system 200 for allowing a user to authenticate a web site and the web site to authenticate the user is shown according to one embodiment of the present invention. Although both of these functions are described herein, in one embodiment, one of these functions may be used without the other: it is not necessary to employ both functions according to the present invention, although other embodiments employ both functions.
System 200 includes one or more servers and one or more clients, a representative server 202 and client 260 being shown, although multiple clients may access server 202 simultaneously or at different times and multiple servers may be simultaneously used. Server 202 is shown with a superset of components, and there may be multiple servers, each with the superset of components shown or a subset of them.
In one embodiment, all communication into or out of server 202 described herein is made via input/output 208 of communication interface 210 which is coupled to a network 254 such as the Internet or a local area network or both. Communication interface 210 is a conventional communication interface that supports Ethernet, TCP/IP or other conventional communication protocols.
Communication into and out of client 260 is made via input/output 258 of communication interface 262, which includes a conventional communication interface similar or identical to communication interface 210, but may also contain conventional circuitry to couple to a conventional keyboard/monitor/mouse (not shown), or other similar conventional input/output device, via input/output 256. Communication interface 262 may be coupled to network 254 via a modem coupled to input/output 258 that is also part of communication interface 262.
In one embodiment, a registration process is performed to identify customization information for each user to allow the user to perceptively authenticate the web site as described in more detail below. Such perceptive authentication may include anything capable of detection by the user, such as the look of one or more web pages, one or more sounds provided incident thereto, smell, touch, or taste. For example, a photo of the user may appear on the initial web site log on page, and optionally on subsequent pages, to indicate to the user that the page is authentic. A certain text phrase may be used in place of, or in addition to the photo. A sound known to the user may be used in addition to, or in place of, any of these.
The registration process associates an identifier of the user with the customization information that will be provided to the user to allow the user to authenticate the web site as will now be described. In one embodiment, the user provides or selects the customization information, although in another embodiment a system administrator performs this function and then informs the user of the customization information.
In one embodiment, the user uses a conventional browser 264, communication interface 262 and network 254 to log into the server 202 via a request for a web page received via communication interface 210, which, based on the port number of the request, is provided to web application 240. Although browser 264 is used as described herein, other embodiments may employ operating system software, a servlet, or other application software.
Web application 240 redirects the user's browser to a secure sockets layer port on server 202 (or a different server similar or identical to server 202 described herein), and the user's browser 264 resends the request via a secure sockets layer connection, which communication interface 210 provides to encrypted communication manager 212. Encrypted communication manager 212 uses conventional SSL processing techniques to establish the connection, receive the request and decrypt the request, and provides the decrypted request to web application 240.
Web application 240 attempts to read a cookie that may have been stored in cookie storage 266 and, if so stored, was provided to the server 202 by browser 264 as part of the connection. In one embodiment, if the cookie does not exist (or in another embodiment, in all cases), web application 240 builds a web page (which may also allow the user to log in as described below) that includes a link to a registration page provided by registration manager 222. If the user clicks the link, the user's browser 264 will request the registration page, which may use the SSL connection described above or a different SSL connection. Communication interface 210 will receive the request and provide it to registration manager 222 via an SSL connection via encrypted communication manager 212 and registration manager 222 provides the page via communication interface 210 and encrypted communication manager 212 which uses the SSL connection.
The user may provide sufficient indicia to indicate that the user is who the user says he is. This process is enforced by registration manager 222 although it may be performed in a wide variety of ways.
In one embodiment, the web page provided by registration manager 222 requires for registration the username and/or password of a person who has verified the identity of the party, which registration manager 222 has previously stored in database 224 so that the provided username and/or password may be compared by registration manager 222 with a set of authorized usernames and passwords to determine whether the user had provided sufficient indicia of his identity. In another embodiment, registration manager 222 prompts the user for another set of one or more identifiers that have been provided to the user through out-of-band means, such as mail, fax or telephone, or via another web connection or an e-mail message and that were previously generated and provided to the user by registration manager 222.
Depending on the security needs of the web site, the user may provide such sufficient indicia of identity without such other system-provided information. This may be a user identifier and password, but may also be a mother's maiden name, or other information that had been previously collected from the user or another source and stored in database 224. A challenge and response arrangement may be used in which one or more questions are randomly selected and provided to the user by registration manager 222 and registration manager receives the responses and compares the responses to the questions (e.g. pets name) to a record in database 224 that correspond with a username (and optionally a password) that is also provided by the user to registration manager 222 via the same web page form or a different web page form that is provided by registration manager. In another embodiment, the username or username and password provided by the user to registration manager 222 via a web page form it generates in response to the request may be a sufficient indicia of identification. In still another embodiment, the user need not authenticate himself to registration manager 222 and in such embodiment, sufficient indicia of identification is the fact that the party is connected to the web site at a certain time, from a specific IP address or otherwise.
Once it receives sufficient indicia of identification from the user, registration manager 222 generates, or uses an existing, identifier for the user (which may be the same as the username or other identifier that was supplied by the user, or one that corresponds to the record in the database 224 that holds other information for the user) and stores the identifier in a record for the user in database 224 if the identifier is not already stored in any such record that may already exist for that user.
The user provides customization information.
After the user has provided sufficient indicia of the user's identity, registration manager 222 prompts the user to select from a predefined list, or provide customization information some or all of which can be presented to the user when the user is requested to provide confidential or other information to the web site. As noted above, a system administrator can select or provide the customization information for a user in another embodiment.
Customization information may be anything that the user can use to recognize that the web site is authentic. It may be any number of any of the following: a photo, a graphic, a color, a layout, a message, a sound, a smell, or anything that may be sensed by touch. The customization information may be selected from a list or may be original information that is provided by the user who will use it to identify the authenticity of the web site, such as a digital photo of himself. The customization information need not be static: it may be a formula, such as “Today is @date”, where “@date” is replaced by that day's date, or “Only (@5May-today) days until your birthday” in which the number of days until the following fifth of May is substituted for “(@5May-Today)”.
Registration manager 222 provides a web page to allow the user to select or provide any number of any of the above items and then stores the items or indications of the items in the database record for the user in database 224. In still another embodiment, registration manager 222 generates or selects (i.e. randomly) such customization information and provides it to the user and stores it in the database record. The customization information may be provided via the-web page or out of band as described above.
In one embodiment, registration manager 222 provides, or prompts and receives the customization information via encrypted communication manager 212 which initiates and uses a secure communication channel such as SSL-encrypted communications, to provide, or prompt and receive the customization information to prevent others from intercepting the customization information.
A cookie is encrypted, signed and stored.
Registration manager 224 also initiates the storage of a signed, encrypted cookie on the user's computer system. Such storage may be performed at any time after the user has provided the sufficient indicia of the user's identity as described above, and may be performed either before, after or in place of, the identification of customization information described above.
To build and store the cookie, registration manager 224 provides to cookie builder 230 the identifier of the user stored in the user's record in database 224 as described above. Cookie builder 230 includes the user identifier into the cookie and may add other status information to the cookie and provides the identifier and the other information to cookie signer 232, which signs the cookie using conventional cryptographic techniques, such as by hashing the identifier, and optionally the other information, using a secret hash key to produce a hash result referred to herein as the cookie signature. Cookie signer 232 provides the cookie signature, identifier and optionally, the other information, collectively referred to as the cookie, to cookie encryptor 234, which encrypts the cookie using conventional encryption techniques, such as using the public key of a public key/private key pair or using a symmetric key. Cookie encryptor 234 then causes browser 264 to store the encrypted cookie in cookie storage 266 on the user's client computer system 260 via encrypted communication manager 212, communication interface 210 network 254 communication interface 262 optionally using an SSL connection, such as the connection used for registration as described above. Cookie storage 266 may be conventional memory or disk storage and may be a portion thereof used for the storage of cookies, and may be part of the client computer system 260 or may reside in a removeable device such as a smart card, USB memory token a portable memory device that interfaces to a personal computer through a USB port, such as the USB Memory Key commercially available from Dell Computer Systems of Round Rock, Texas) or the like. Although a cookie is used as described herein, other embodiments may employ types of encrypted files, certificates or other similar data structures.
In one embodiment, the user's client computer system 260 need not be used for the initial registration. Instead, the registration process may be performed in two parts: the first part allows the user to select customization information as described above from a specific set of browsers with known IP addresses or authenticated using a system administrator user, identifier and password. The second part allows the user to log in using the indicia of the user's identity as described above from his own browser, at which time the encrypted cookie is placed on the user's client computer system 260.
Verifying the identity of the Web Page And/Or the User
Subsequent to receiving the cookie as described above, when the user requests a web page from the web site, the user will use his or her web browser 264 to send the request to server 202. Browser 264 sends the request to server 202 via communication interfaces 262 and 210 and network 254. Communication interface 210 passes the request to web application 240, which is a conventional web application program modified as described herein. Web application 240 may authenticate the user, provide customization information to allow the user to authenticate the web site, or both, as will now be described.
To authenticate the user, web application 240 reads the encrypted cookie provided by browser 264 from cookie storage 266, such cookie being placed in cookie storage 266 as described herein. Web application 240 passes the encrypted cookie to user authenticator 242, which decrypts the encrypted cookie, and then separates the signature from the remainder of the cookie. User authenticator 242 verifies that the signature corresponds to the remainder of the cookie (e.g. by rehashing the remainder of the cookie using the same hash algorithm and hash key as was used to build the signature, and comparing the hash result to the signature) and either provides web application 240 with the user's identifier and other information that may be stored in cookie if user authenticator 242 authenticates the user via the signature (e.g. the hash result it generates matches the signature), or indicates that the cookie is not valid (e.g. if the hash result user authenticator 242 generates does not match the signature).
If user authenticator 242 indicates the cookie is not valid, web application 240 may deny access to some or all of the web site. Otherwise, web application 240 receives the user identifier and uses the user identifier to operate web application 240 and/or provide customization information, selected as described herein, to the user.
Customization information may be provided with every web page provided by web application 240, some web pages, with web pages that are displayed to provide confidential information to the user, with web pages used to request any information from the user, or with web pages that are used to request confidential information from the user or any combination of some or all of these. Confidential information may include information that can be used to gain access to financial or other resources of the operator of the web site or the user, or other information that a user may not wish others to know.
Customization information may be provided as part of web pages described above, or it may be provided separately. To provide customization information with any of the web pages described above, web application 240 provides to customization information provider 244 the user identifier received as described above and the contents of a web page that has the customization information omitted, optionally with one or more indications in the web page that describe how and where to insert the customization information into the web page, along with the user's IP address and other information that can be used to address the web page.
Customization information provider 244 retrieves from database 224 the customization information stored in the record corresponding to the user identifier, and provides the customization information, for example by adding it to the web page it receives from web application 240 in accordance with instructions received with, or as part of the web page or by providing it at a certain place in the web page, and provides to the user the customization information with any web page it receives using the user's IP address it receives.
In one embodiment, the customization information may be provided by customization information provider 244 out of band, such as by calling the user's mobile telephone and instructing the user that the web page is authentic by playing a recording of the user's voice, a favorite song, a prerecorded message or otherwise. The out of band customization information can be provided via output 243, which may be coupled to a conventional telephone line, with customization information provider 244 containing a suitable interface.
When the user receives the customization information such as via browser 264 and a monitor coupled to input/output 256 or out of band, the user may use it to authenticate the web site, and withhold providing information or using the web site if the customization is missing or different from the customization information the user selected or provided as described above. If the customization information is what was registered as described herein, the user may provide confidential information via web pages provided by web application 240, believe information received therefrom, or both.
Although customization information is described herein as having a single instance for each user, multiple, different instances of customization information may be registered for each of some or all of the users, with each instance of customization information having a different meaning, e.g. one instance may mean that it is OK for the user to provide secure information, and a different instance of customization information for the same user to mean that information on the page has been validated as having been provided from an authentic source. Association of each instance of the customization information with the identifier of the user can be performed as described herein, along with an identifier of the instance, and each instance of customization information for a user may be perceptively different from the other instances for that user. Web application 240 then provides to customization information provider 244 the identifier of the user and an identifier of the instance of customization information that should be provided, and customization information provider 244 uses the identifier of the user and the identifier of the instance to retrieve and provide to the user the proper instance of customization information in the same manner as was described above for the single instance of customization information for each user.
Database may be Centralized
In one embodiment, database 224 does not reside in server 202 but instead is replaced by database 224A that is accessible to more than one server 202 via network 254 and otherwise operates as database 224. Each such more than one server may serve the same web site as server 202 or a different web site. In such embodiment, there is more than one server 202 and either each server registers users and provides customization information as described above, but shares the central database 224A in place of database 224, or only a fraction of the servers 202 register users, with other servers making use of the customization information the users identify or provide to such registering server or that is provided by such registering server as described above.
In one embodiment, each server 202 uses a number that is unique among the various servers for the same user, such as a web site number or server number appended to a user identifier, such as a social security number of the user, to access a user's record in database 224A. In such embodiment, customization information provider 244A that is accessible to multiple servers 202 may be used in place of customization information provider 244 so that the servers 202 do not have access to the customization information of the user. Customization information provider 244A operates in the same manner as customization information provider 244 to send to the user the customization information with the web page.
In one embodiment, either database 224A or customization information provider 244A, and web application 240 or customization information provider 244, use conventional authentication techniques to authenticate requests for customization information or requests to send a web page with customization information. Such authentication techniques may include passwords, digital certificates or other conventional techniques. Such requests may be sent via encrypted communication manager 212 so that conventional SSL connections may be used to enhance security.
Referring now to FIG. 3A, a flowchart illustrating a method of registering a user to allow the user to authenticate a web site, the web site to authenticate the user, or both, is shown according to one embodiment of the present invention.
An indicia of a users identity may be generated and provided 310 as described above. The indicia provided in step 310 may be provided via the Internet or out of band (e.g. not via the Internet) as described above in one embodiment, and in another embodiment, step 310 may be omitted. Secure communications are optionally established 312 with the user. Sufficient indicia of the user's identify are requested and an indicia of the user's identity is received 314. If the indicia is not sufficient 316, access to some or all of the remainder of the steps of FIG. 3A is denied 318 and the method continues at step 314, and otherwise 316, the method continues at step 320.
At step 320, the user is prompted to select or provide customization information as described above and the customization information is received. Step 320 may be performed via a secure communication channel, such as the SSL-encrypted Internet connection established in step 312. Customization information may include user-provided content or an indication of one or more pieces of server-supplied content that will be associated with an identifier of the user. Customization information is stored 322 with an identifier of the user, which may be supplied by the user, looked up from the indicia received in step 314 or generated as part of step 322.
A cookie is built 324 using the user identifier as described above and the cookie is signed 326, encrypted 328 and stored on the user's system 330 and the method continues at step 310.
Referring now to FIG. 3B, a flowchart illustrating a method of allowing a web site to authenticate a user and/or allowing the user to authenticate the web site is shown according to one embodiment of the present invention. The steps of FIG. 3B may be performed after some or all of the steps of FIG. 3A. A request for a web page is received 340 and an encrypted cookie is read 342 from the device from which the request was received and the cookie is decrypted. A signature in the decrypted cookie is checked 344 as described above, and if the signature on the cookie indicates that the cookie is not authentic 346, access to the requested web page may be denied 348 and the method continues at step 340, and otherwise 346, the method continues at step 350.
At step 350, if the request is a request for a web page that will not request confidential information or provide information that the user may want an indicia of authentication, the requested web page may be provided 352 and the method continues at step 340, and otherwise 350, the method continues at step 354. In another embodiment indicated by the dashed line in the Figure, the test of step 350 is not performed and step 354 follows the “OK” branch of step 350 unconditionally.
At step 354, a user identifier stored in the cookie retrieved in step 342 is used to retrieve customization information associated with that user identifier as described above and the customization information may be optionally incorporated into the requested web page 356 and the web page and customization information are provided, either via a secure connection, if the customization information is provided over the same connection as the web page, or the customization information may be provided out of band as described above 358.
Referring now to FIG. 4, a method of authenticating some or all of a web site by a user is shown according to one embodiment of the present invention. Sufficient indicia of identity is optionally received (e.g. out of band) and provided as described above 410. Customization information is identified, such as providing it, selecting it or receiving it as described above 412. An encrypted, signed cookie may be received and stored as described above 414. A request for a web page is provided, and optionally, the encrypted, signed cookie is provided 416. The web page and optionally, certain customization information, is received 418 and the customization information is compared 420 to what was provided or selected in step 412. If the customization information received corresponds 422 to that which was identified in step 412 (e.g. because it matches), information may be received and believed or provided 426 and otherwise, the user may refuse to receive or believe the information received or refuse to provide information requested 426.

Claims (21)

1. A method of providing and authenticating a web page, comprising:
at least as part of a registration process performed at least in part to identify customization information for a user to allow the user to perceptively authenticate at least the web page:
identifying the customization information by at least one selected from:
allowing a user to provide the customization information;
allowing the user to select the customization information from a set comprising the customization information and other information; and
providing the customization information to the user; and
associating with a user identifier the customization information identified;
providing the user identifier in a cookie;
encrypting the cookie;
storing the cookie on a computer system operated by the user;
responsive to a request for the web page, reading the cookie stored;
providing the web page requested;
responsive to the cookie read, providing the customization information identified, via at least one selected from:
a) a secure connection and;
b) a communication channel different from that used to provide the web page; and
authenticating the web page by comparing said customization information to the customization information identified.
2. The method of claim 1 additionally comprising:
adding a signature of the cookie to the cookie prior to the storing step; and
verifying the signature of the cookie read.
3. The method of claim 1 wherein the customization information is provided as part of the web page.
4. The method of claim 1 wherein the customization information is provided substantially concurrently with the web page but separately therefrom.
5. The method of claim 1, wherein the providing the customization information step comprises providing to a database over a network, the user identifier from the cookie read.
6. The method of claim 1:
additionally comprising the step of receiving an indicia of an authentication of the user; and
wherein, the associating step is responsive to the receiving the indicia step.
7. The method of claim 6 wherein the indicia comprises a system administrator password.
8. The method of claim 1 wherein the customization information is received as part of the web page; and
the web page and customization information are provided via a secure connection.
9. The method of claim 1 wherein the customization information is identified via a secure connection.
10. The method of claim 9 wherein the customization information is provided to a database operated by a party other than the party operating the web site.
11. The method of claim 1 wherein the web page received comprises a form for entering confidential information.
12. A system for providing a web page in a manner that allows its authentication, comprising:
a registration manager for, at least as part of a registration process performed at least in part to identify customization information for a user to allow the user to perceptively authenticate at least the web page,
identifying the customization information by at least one selected from: allowing a user to provide the customization information; allowing the user to select the customization information from a set comprising the customization information and other information; and providing the customization information to the user,
and for associating in a database coupled to a database output a user identifier with the customization information identified and for providing the user identifier at an output;
a cookie builder having an input coupled to the registration manager output, the cookie builder for providing the user identifier in a cookie at an output;
a cookie encryptor having an input coupled to the cookie builder output, the cookie encryptor for encrypting the cookie and providing the encrypted cookie at an output;
a cookie storage having an input/output coupled to the cookie encryptor output, the cookie storage for storing the cookie on a computer system operated by the user;
a web application having an input coupled for receiving a request for a web page, the web application for, responsive to the request for the web page, for reading the cookie stored via the web application input, for providing at least a portion of the web page at a first output, and providing at a second output the user identifier from the cookie read; and
a customization information provider having an input coupled to the web application second output for receiving the user identifier, the customization information provider for retrieving at least a portion of the customization information from the database via an input/output coupled thereto, the customization information provider for, responsive to the web page requesting confidential information or providing information for which an indicia of authentication can be desired by the user, providing at an output the customization information identified, via at least one selected from:
a) a secure connection and;
b) a communication channel different from that used to provide the web page.
13. The system of claim 12 additionally comprising:
a cookie signer coupled between the cookie builder output and the cookie encryptor input, the cookie signer for adding a signature of the cookie to the cookie; and
a user authenticator having an input for receiving the cookie from a verification output of the registration manager, the user authenticator for verifying the signature of the cookie and providing at an output an indication of authenticity responsive to at least a portion of the cookie and the signature of the cookie; and
wherein the web application provides the web page responsive to the indication received at a web application authentication input coupled to the user authenticator output.
14. The system of claim 12 wherein the customization information provider provides the customization information integrated as part of the web page.
15. The system of claim 12 wherein the customization information provider provides the customization information substantially concurrently with the web page but separately therefrom.
16. The system of claim 12, wherein the database is accessed on a network remote from the web application.
17. A computer program product comprising a computer useable medium having computer readable program code embodied therein for providing a web page in a manner that allows its authentication, the computer program product comprising computer readable program code devices configured to cause a computer to:
at least as part of a registration process performed at least in part to identify customization information for a user to allow the user to perceptively authenticate at least the web page:
identify the customization information by at least one selected from:
allowing a user to provide the customization information;
allowing the user to select the customization information from a set comprising the customization information and other information; and
providing the customization information to the user; and
associate with a user identifier customization information identified;
provide the user identifier in a cookie;
encrypt the cookie;
store the cookie on a computer system operated by the user;
responsive to a request for the web page, read the cookie stored;
provide the web page requested;
responsive to the cookie read, provide the customization information identified via at least one selected from:
a) a secure connection and;
b) a communication channel different from that used to provide the web page; and
authenticate the web page by comparing said customization information to the customization information identified.
18. The computer program product of claim 17 additionally comprising computer readable program code devices configured to cause the computer to:
add a signature of the cookie to the cookie prior to the storing step; and
verify the signature of the cookie read.
19. The computer program product of claim 17 wherein the customization information is provided as part of the web page.
20. The computer program product of claim 17 wherein the customization information is provided substantially concurrently with the web page but separately therefrom.
21. The computer program product of claim 17, wherein the computer readable program code devices configured to cause the computer to provide the customization information step comprise computer readable program code devices configured to cause the computer to provide to a database over a network, the user identifier from the cookie read.
US10/435,322 2002-05-10 2003-05-09 Method and apparatus for authentication of users and web sites Expired - Lifetime US7100049B2 (en)

Priority Applications (14)

Application Number Priority Date Filing Date Title
US10/435,322 US7100049B2 (en) 2002-05-10 2003-05-09 Method and apparatus for authentication of users and web sites
CA002525121A CA2525121A1 (en) 2003-05-09 2004-05-06 Method and apparatus for authentication of users and web sites
JP2006501305A JP2006525563A (en) 2003-05-09 2004-05-06 User and web site authentication method and apparatus
EP04760929A EP1625690B1 (en) 2003-05-09 2004-05-06 Method and apparatus for authentication of users and web sites
AT04760929T ATE391951T1 (en) 2003-05-09 2004-05-06 METHOD AND APPARATUS FOR AUTHENTICATE USERS AND WEBSITES
DE602004012996T DE602004012996T2 (en) 2003-05-09 2004-05-06 METHOD AND DEVICE FOR AUTHENTICATING USERS AND WEBSITES
AU2004239738A AU2004239738B2 (en) 2003-05-09 2004-05-06 Method and apparatus for authentication of users and web sites
PCT/US2004/014379 WO2004102338A2 (en) 2003-05-09 2004-05-06 Method and apparatus for authentication of users and web sites
US11/050,549 US7730321B2 (en) 2003-05-09 2005-02-03 System and method for authentication of users and communications received from computer systems
US11/088,349 US7562222B2 (en) 2002-05-10 2005-03-23 System and method for authenticating entities to users
US11/112,938 US8751801B2 (en) 2003-05-09 2005-04-22 System and method for authenticating users using two or more factors
US11/112,059 US8132011B2 (en) 2003-05-09 2005-04-22 System and method for authenticating at least a portion of an e-mail message
US11/511,998 US7346775B2 (en) 2002-05-10 2006-08-28 System and method for authentication of users and web sites
US11/701,309 US7966492B1 (en) 2002-05-10 2007-01-31 System and method for allowing an e-mail message recipient to authenticate the message

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US37929502P 2002-05-10 2002-05-10
US10/435,322 US7100049B2 (en) 2002-05-10 2003-05-09 Method and apparatus for authentication of users and web sites

Related Child Applications (5)

Application Number Title Priority Date Filing Date
US11/050,549 Continuation-In-Part US7730321B2 (en) 2002-05-10 2005-02-03 System and method for authentication of users and communications received from computer systems
US11/088,349 Continuation-In-Part US7562222B2 (en) 2002-05-10 2005-03-23 System and method for authenticating entities to users
US11/112,059 Continuation-In-Part US8132011B2 (en) 2003-05-09 2005-04-22 System and method for authenticating at least a portion of an e-mail message
US11/112,938 Continuation-In-Part US8751801B2 (en) 2003-05-09 2005-04-22 System and method for authenticating users using two or more factors
US11/511,998 Continuation US7346775B2 (en) 2002-05-10 2006-08-28 System and method for authentication of users and web sites

Publications (2)

Publication Number Publication Date
US20040168083A1 US20040168083A1 (en) 2004-08-26
US7100049B2 true US7100049B2 (en) 2006-08-29

Family

ID=33449697

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/435,322 Expired - Lifetime US7100049B2 (en) 2002-05-10 2003-05-09 Method and apparatus for authentication of users and web sites
US11/511,998 Expired - Lifetime US7346775B2 (en) 2002-05-10 2006-08-28 System and method for authentication of users and web sites

Family Applications After (1)

Application Number Title Priority Date Filing Date
US11/511,998 Expired - Lifetime US7346775B2 (en) 2002-05-10 2006-08-28 System and method for authentication of users and web sites

Country Status (8)

Country Link
US (2) US7100049B2 (en)
EP (1) EP1625690B1 (en)
JP (1) JP2006525563A (en)
AT (1) ATE391951T1 (en)
AU (1) AU2004239738B2 (en)
CA (1) CA2525121A1 (en)
DE (1) DE602004012996T2 (en)
WO (1) WO2004102338A2 (en)

Cited By (237)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020103645A1 (en) * 2001-01-31 2002-08-01 Hitachi, Ltd. Authenticity output method and its apparatus, and processing program
US20030129006A1 (en) * 2001-12-14 2003-07-10 Hitachi Printing Solutions, Ltd. Multi-color printer and method therefor
US20030217288A1 (en) * 2002-05-15 2003-11-20 Microsoft Corporation Session key secruity protocol
US20040148517A1 (en) * 2003-01-23 2004-07-29 International Business Machines System, method and program product for managing user account information
US20040205960A1 (en) * 2003-04-15 2004-10-21 Mitsuhiko Miyazaki Electric part handling device
US20050144449A1 (en) * 2003-12-30 2005-06-30 Entrust Limited Method and apparatus for providing mutual authentication between a sending unit and a recipient
US20050144451A1 (en) * 2003-12-30 2005-06-30 Entrust Limited Method and apparatus for providing electronic message authentication
US20050149761A1 (en) * 2003-12-30 2005-07-07 Entrust Limited Method and apparatus for securely providing identification information using translucent identification member
US20050172229A1 (en) * 2004-01-29 2005-08-04 Arcot Systems, Inc. Browser user-interface security application
US20050228782A1 (en) * 2004-04-07 2005-10-13 Alexandre Bronstein Authenticating a web site with user-provided indicators
US20050228998A1 (en) * 2004-04-02 2005-10-13 Microsoft Corporation Public key infrastructure scalability certificate revocation status validation
US20050268100A1 (en) * 2002-05-10 2005-12-01 Gasparini Louis A System and method for authenticating entities to users
US20060015725A1 (en) * 2003-12-30 2006-01-19 Entrust Limited Offline methods for authentication in a client/server authentication system
US20060015742A1 (en) * 2004-07-15 2006-01-19 Allan Camaisa System and method for blocking unauthorized network log in using stolen password
US20060020815A1 (en) * 2004-07-07 2006-01-26 Bharosa Inc. Online data encryption and decryption
US20060026421A1 (en) * 2004-06-15 2006-02-02 Gasparini Louis A System and method for making accessible a set of services to users
US20060059111A1 (en) * 2004-09-10 2006-03-16 Tucker David M Authentication method for securely disclosing confidential information over the internet
US20060080195A1 (en) * 2004-10-12 2006-04-13 Yucel Karabulut Method and system to automatically evaluate a participant in a trust management infrastructure
US20060090073A1 (en) * 2004-04-27 2006-04-27 Shira Steinberg System and method of using human friendly representations of mathematical values and activity analysis to confirm authenticity
US20060095972A1 (en) * 2004-11-04 2006-05-04 International Business Machines Corporation Method for enabling a trusted dialog for collection of sensitive data
US20060156385A1 (en) * 2003-12-30 2006-07-13 Entrust Limited Method and apparatus for providing authentication using policy-controlled authentication articles and techniques
US20060167799A1 (en) * 2003-12-11 2006-07-27 Wehunt Nathan P Client-server-type security system, such as a security system for use with computer network consumer transactions
US20060230435A1 (en) * 2003-08-27 2006-10-12 Hitoshi Kokumai Mutual authentication system between user and system
US20060253446A1 (en) * 2005-05-03 2006-11-09 E-Lock Corporation Sdn. Bhd.. Internet security
US20060282660A1 (en) * 2005-04-29 2006-12-14 Varghese Thomas E System and method for fraud monitoring, detection, and tiered user authentication
US20060288213A1 (en) * 2002-05-10 2006-12-21 Gasparini Louis A System and method for authentication of users and web sites
US20060288079A1 (en) * 2005-05-31 2006-12-21 Deobald Martyn G Security system for personal Internet communicator
US20060288220A1 (en) * 2005-05-02 2006-12-21 Whitehat Security, Inc. In-line website securing system with HTML processor and link verification
US20070006286A1 (en) * 2005-07-02 2007-01-04 Singhal Tara C System and method for security in global computer transactions that enable reverse-authentication of a server by a client
US20070005967A1 (en) * 2003-12-30 2007-01-04 Entrust Limited Method and apparatus for providing authentication between a sending unit and a recipient based on challenge usage data
US20070033393A1 (en) * 2005-05-31 2007-02-08 Tricipher, Inc. Secure login using single factor split key asymmetric cryptography and an augmenting factor
US20070037552A1 (en) * 2005-08-11 2007-02-15 Timothy Lee Method and system for performing two factor mutual authentication
US20070113294A1 (en) * 2005-11-09 2007-05-17 John Field Password Presentation for Multimedia Devices
US20070121912A1 (en) * 2005-10-14 2007-05-31 Murata Kikai Kabushiki Kaisha Communication device, communication method and communication system
US20070136573A1 (en) * 2005-12-05 2007-06-14 Joseph Steinberg System and method of using two or more multi-factor authentication mechanisms to authenticate online parties
US20070192615A1 (en) * 2004-07-07 2007-08-16 Varghese Thomas E Online data encryption and decryption
US7266693B1 (en) * 2007-02-13 2007-09-04 U.S. Bancorp Licensing, Inc. Validated mutual authentication
US20070234409A1 (en) * 2006-03-31 2007-10-04 Ori Eisen Systems and methods for detection of session tampering and fraud prevention
US20070239606A1 (en) * 2004-03-02 2007-10-11 Ori Eisen Method and system for identifying users and detecting fraud by use of the internet
US20070256123A1 (en) * 2005-12-01 2007-11-01 Rsa Security, Inc. Detecting and preventing replay in authentication systems
US20070266257A1 (en) * 2004-07-15 2007-11-15 Allan Camaisa System and method for blocking unauthorized network log in using stolen password
US20070288743A1 (en) * 2004-01-12 2007-12-13 Cisco Technology, Inc. Enabling stateless server-based pre-shared secrets
US20080028465A1 (en) * 2003-11-18 2008-01-31 International Business Machines Corporation Internet site authentication service
US20080028447A1 (en) * 2006-02-10 2008-01-31 Rsa Security Inc. Method and system for providing a one time password to work in conjunction with a browser
US20080028475A1 (en) * 2004-11-25 2008-01-31 Erez Kalman Method For Authenticating A Website
WO2008014007A2 (en) * 2006-07-28 2008-01-31 Brown University Certification and authentication of data structures
EP1906331A1 (en) 2006-09-30 2008-04-02 Pitney Bowes, Inc. Enhanced network server authentication using a physical out-of-band channel
US7356711B1 (en) 2002-05-30 2008-04-08 Microsoft Corporation Secure registration
US20080175377A1 (en) * 2007-01-22 2008-07-24 Global Crypto Systems Methods and Systems for Digital Authentication Using Digitally Signed Images
US20080209529A1 (en) * 2007-02-26 2008-08-28 Banco Bradesco S.A. Transaction integrity and authenticity check process
US20080209526A1 (en) * 2006-12-11 2008-08-28 Oracle International Corporation System and method for personalized security signature
US20080250477A1 (en) * 2004-07-15 2008-10-09 Anakam Inc. System and method for second factor authentication services
US20080319896A1 (en) * 2007-06-25 2008-12-25 Mark Carlson Cardless challenge systems and methods
WO2009009859A1 (en) * 2007-07-13 2009-01-22 Von Arx Kim G System and method for providing online services using registered and individualised domain names
US20090031033A1 (en) * 2007-07-26 2009-01-29 International Business Machines Corporation System and Method for User to Verify a Network Resource Address is Trusted
US20090037213A1 (en) * 2004-03-02 2009-02-05 Ori Eisen Method and system for identifying users and detecting fraud by use of the internet
US20090037727A1 (en) * 2003-04-10 2009-02-05 Max Pritikin Method and apparatus for securely exchanging cryptographic identities through a mutually trusted intermediary
US20090037995A1 (en) * 2007-07-31 2009-02-05 Onesimo Zapata System and Method For Authentication Of Users In A Secure Computer System
US20090083184A1 (en) * 2007-09-26 2009-03-26 Ori Eisen Methods and Apparatus for Detecting Fraud with Time Based Computer Tags
US20090089869A1 (en) * 2006-04-28 2009-04-02 Oracle International Corporation Techniques for fraud monitoring and detection using application fingerprinting
US20090100505A1 (en) * 2007-10-16 2009-04-16 Trusted Partners, Inc. Third-party-secured zones on web pages
US20090138950A1 (en) * 2007-11-16 2009-05-28 Arcot Systems, Inc. Two-factor anti-phishing authentication systems and methods
US7549171B2 (en) * 2004-06-10 2009-06-16 Hitachi, Ltd. Method and apparatus for validation of application data on a storage system
US20090165109A1 (en) * 2005-07-21 2009-06-25 Arcot Systems, Inc. Controlled and client-side authentication module
US20090193506A1 (en) * 2008-01-24 2009-07-30 Mcgrew David A Cryptographic peer discovery, authentication, and authorization for on-path signaling
US20090249445A1 (en) * 2008-03-27 2009-10-01 Sanjay Deshpande Authentication of Websites Based on Signature Matching
US20090259848A1 (en) * 2004-07-15 2009-10-15 Williams Jeffrey B Out of band system and method for authentication
US20090287604A1 (en) * 2008-05-16 2009-11-19 Ayse Korgav Desktop alert with interactive bona fide dispute initiation through chat session facilitated by desktop application
US20090299759A1 (en) * 2008-06-03 2009-12-03 International Business Machines Corporation Method and system for defeating the man in the middle computer hacking technique
US20090300749A1 (en) * 2008-06-03 2009-12-03 International Business Machines Corporation Method and system for defeating the man in the middle computer hacking technique
US20100004965A1 (en) * 2008-07-01 2010-01-07 Ori Eisen Systems and methods of sharing information through a tagless device consortium
US20100017615A1 (en) * 2006-12-15 2010-01-21 Boesgaard Soerensen Hans Martin Digital data authentication
US20100031022A1 (en) * 2006-12-12 2010-02-04 Columbus Venure Capital S .A. R. L. System and method for verifying networked sites
US20100031048A1 (en) * 2008-08-04 2010-02-04 Jason David Koziol Data authenticator
US7685631B1 (en) * 2003-02-05 2010-03-23 Microsoft Corporation Authentication of a server by a client to prevent fraudulent user interfaces
US20100095352A1 (en) * 2004-04-30 2010-04-15 Research In Motion Limited Message Service Indication System and Method
US20100100967A1 (en) * 2004-07-15 2010-04-22 Douglas James E Secure collaborative environment
US20100138338A1 (en) * 2008-09-24 2010-06-03 Ayman Hammad Intelligent alert system and method
US7784687B2 (en) 2007-12-24 2010-08-31 Dynamics Inc. Payment cards and devices with displays, chips, RFIDS, magnetic emulators, magnetic decoders, and other components
US7793851B2 (en) 2005-05-09 2010-09-14 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US20100251144A1 (en) * 2007-10-16 2010-09-30 Shachar Shaty Third-party-secured zones on web pages
US20100268696A1 (en) * 2009-04-16 2010-10-21 Brad Nightengale Advanced Warning
US20100274572A1 (en) * 2009-04-28 2010-10-28 Ayman Hammad Alert architecture
US20100287250A1 (en) * 2009-04-28 2010-11-11 Mark Carlson Merchant Alert Based System and Method Including Customer Presence Notification
US20100299249A1 (en) * 2009-04-28 2010-11-25 Mark Carlson Sku level control and alerts
US20100325294A1 (en) * 2009-06-22 2010-12-23 Oracle International Corporation Enforcing communication security for selected resources
US20110082768A1 (en) * 2004-03-02 2011-04-07 The 41St Parameter, Inc. Method and System for Identifying Users and Detecting Fraud by Use of the Internet
US7971246B1 (en) * 2004-04-29 2011-06-28 James A. Roskind Identity theft countermeasures
US7996530B1 (en) 2004-11-15 2011-08-09 Bank Of America Corporation Method and apparatus for enabling authentication of on-line communications
USD643063S1 (en) 2010-07-09 2011-08-09 Dynamics Inc. Interactive electronic card with display
US20110225629A1 (en) * 2010-03-15 2011-09-15 F2Ware Inc. CAPTCHA (Completely Automated Public Test to Tell Computers and Humans Apart) Management Methods and Systems
US8066191B1 (en) 2009-04-06 2011-11-29 Dynamics Inc. Cards and assemblies with user interfaces
USD651238S1 (en) 2010-07-09 2011-12-27 Dynamics Inc. Interactive electronic card with display
USD651237S1 (en) 2010-07-09 2011-12-27 Dynamics Inc. Interactive electronic card with display
USD651644S1 (en) 2010-07-09 2012-01-03 Dynamics Inc. Interactive electronic card with display
USD652076S1 (en) 2010-07-09 2012-01-10 Dynamics Inc. Multiple button interactive electronic card with display
USD652075S1 (en) 2010-07-02 2012-01-10 Dynamics Inc. Multiple button interactive electronic card
USD652448S1 (en) 2010-07-02 2012-01-17 Dynamics Inc. Multiple button interactive electronic card
USD652449S1 (en) 2010-07-02 2012-01-17 Dynamics Inc. Multiple button interactive electronic card
USD652450S1 (en) 2010-07-09 2012-01-17 Dynamics Inc. Multiple button interactive electronic card
US8103645B1 (en) * 2005-02-02 2012-01-24 Symantec Corporation Automatic local deployment of site associated cues for antiphishing purposes
USD652867S1 (en) 2010-07-02 2012-01-24 Dynamics Inc. Multiple button interactive electronic card
USD653288S1 (en) 2010-07-09 2012-01-31 Dynamics Inc. Multiple button interactive electronic card
US8219822B2 (en) 2004-07-15 2012-07-10 Anakam, Inc. System and method for blocking unauthorized network log in using stolen password
US8226001B1 (en) 2010-06-23 2012-07-24 Fiteq, Inc. Method for broadcasting a magnetic stripe data packet from an electronic smart card
US8231063B2 (en) 2005-03-26 2012-07-31 Privasys Inc. Electronic card and methods for making same
USD665022S1 (en) 2010-07-09 2012-08-07 Dynamics Inc. Multiple button interactive electronic card with light source
USD665447S1 (en) 2010-07-09 2012-08-14 Dynamics Inc. Multiple button interactive electronic card with light source and display
USD666241S1 (en) 2010-07-09 2012-08-28 Dynamics Inc. Multiple button interactive electronic card with light source
US8271588B1 (en) * 2003-09-24 2012-09-18 Symantec Corporation System and method for filtering fraudulent email messages
USD670330S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive card
USD670331S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive display card
USD670329S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive display card
USD670332S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive card
USD670759S1 (en) 2010-07-02 2012-11-13 Dynamics Inc. Multiple button interactive electronic card with light sources
US8317103B1 (en) 2010-06-23 2012-11-27 FiTeq Method for broadcasting a magnetic stripe data packet from an electronic smart card
US8322623B1 (en) 2010-07-26 2012-12-04 Dynamics Inc. Systems and methods for advanced card printing
USD672389S1 (en) 2010-07-02 2012-12-11 Dynamics Inc. Multiple button interactive electronic card with light sources
USD673606S1 (en) 2012-08-27 2013-01-01 Dynamics Inc. Interactive electronic card with display and buttons
US8348172B1 (en) 2010-03-02 2013-01-08 Dynamics Inc. Systems and methods for detection mechanisms for magnetic cards and devices
USD674013S1 (en) 2010-07-02 2013-01-08 Dynamics Inc. Multiple button interactive electronic card with light sources
US8353016B1 (en) * 2008-02-29 2013-01-08 Adobe Systems Incorporated Secure portable store for security skins and authentication information
USD675256S1 (en) 2012-08-27 2013-01-29 Dynamics Inc. Interactive electronic card with display and button
USD676487S1 (en) 2012-08-27 2013-02-19 Dynamics Inc. Interactive electronic card with display and buttons
USD676904S1 (en) 2011-05-12 2013-02-26 Dynamics Inc. Interactive display card
US8393546B1 (en) 2009-10-25 2013-03-12 Dynamics Inc. Games, prizes, and entertainment for powered cards and devices
US8393545B1 (en) 2009-06-23 2013-03-12 Dynamics Inc. Cards deployed with inactivated products for activation
US8396455B2 (en) 2008-09-25 2013-03-12 Visa International Service Association Systems and methods for sorting alert and offer messages on a mobile device
US8412837B1 (en) 2004-07-08 2013-04-02 James A. Roskind Data privacy
US8423471B1 (en) * 2004-02-04 2013-04-16 Radix Holdings, Llc Protected document elements
US8485446B1 (en) 2011-03-28 2013-07-16 Dynamics Inc. Shielded magnetic stripe for magnetic cards and devices
USD687095S1 (en) 2012-08-27 2013-07-30 Dynamics Inc. Interactive electronic card with buttons
USD687094S1 (en) 2010-07-02 2013-07-30 Dynamics Inc. Multiple button interactive electronic card with light sources
USD687489S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with buttons
USD687488S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with buttons
USD687487S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with display and button
USD687490S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with display and button
USD687887S1 (en) 2012-08-27 2013-08-13 Dynamics Inc. Interactive electronic card with buttons
US8511574B1 (en) 2009-08-17 2013-08-20 Dynamics Inc. Advanced loyalty applications for powered cards and devices
USD688744S1 (en) 2012-08-27 2013-08-27 Dynamics Inc. Interactive electronic card with display and button
US8523059B1 (en) 2009-10-20 2013-09-03 Dynamics Inc. Advanced payment options for powered cards and devices
US8533118B2 (en) 2008-11-06 2013-09-10 Visa International Service Association Online challenge-response
US8540165B2 (en) 2005-03-26 2013-09-24 Privasys, Inc. Laminated electronic card assembly
US8555078B2 (en) 2008-02-29 2013-10-08 Adobe Systems Incorporated Relying party specifiable format for assertion provider token
US8561894B1 (en) 2010-10-20 2013-10-22 Dynamics Inc. Powered cards and devices designed, programmed, and deployed from a kiosk
USD692053S1 (en) 2012-08-27 2013-10-22 Dynamics Inc. Interactive electronic card with display and button
US8567679B1 (en) 2011-01-23 2013-10-29 Dynamics Inc. Cards and devices with embedded holograms
US8579203B1 (en) 2008-12-19 2013-11-12 Dynamics Inc. Electronic magnetic recorded media emulators in magnetic card devices
US8583921B1 (en) * 2004-06-30 2013-11-12 Lingyan Shu Method and system for identity authentication
USD694322S1 (en) 2012-08-27 2013-11-26 Dynamics Inc. Interactive electronic card with display buttons
US8602312B2 (en) 2010-02-16 2013-12-10 Dynamics Inc. Systems and methods for drive circuits for dynamic magnetic stripe communications devices
USD695636S1 (en) 2012-08-27 2013-12-17 Dynamics Inc. Interactive electronic card with display and buttons
US8622309B1 (en) 2009-04-06 2014-01-07 Dynamics Inc. Payment cards and devices with budgets, parental controls, and virtual accounts
US8628022B1 (en) 2011-05-23 2014-01-14 Dynamics Inc. Systems and methods for sensor mechanisms for magnetic cards and devices
US8645683B1 (en) 2005-08-11 2014-02-04 Aaron T. Emigh Verified navigation
US8684267B2 (en) 2005-03-26 2014-04-01 Privasys Method for broadcasting a magnetic stripe data packet from an electronic smart card
US8719907B2 (en) 2012-03-21 2014-05-06 Gary Martin SHANNON Computerized authorization system and method
US8727219B1 (en) 2009-10-12 2014-05-20 Dynamics Inc. Magnetic stripe track signal having multiple communications channels
US8788419B2 (en) 2006-12-30 2014-07-22 First Data Corporation Method and system for mitigating risk of fraud in internet banking
US8827153B1 (en) 2011-07-18 2014-09-09 Dynamics Inc. Systems and methods for waveform generation for dynamic magnetic stripe communications devices
US8888009B1 (en) 2012-02-14 2014-11-18 Dynamics Inc. Systems and methods for extended stripe mechanisms for magnetic cards and devices
US8931703B1 (en) 2009-03-16 2015-01-13 Dynamics Inc. Payment cards and devices for displaying barcodes
US20150026567A1 (en) * 2005-05-26 2015-01-22 Citrix Systems, Inc. Systems and methods for enhanced delta compression
US8949935B2 (en) 2012-09-20 2015-02-03 Apple Inc. Secure account creation
US8960545B1 (en) 2011-11-21 2015-02-24 Dynamics Inc. Data modification for magnetic cards and devices
US8984604B2 (en) 2010-05-07 2015-03-17 Blackberry Limited Locally stored phishing countermeasure
US9010644B1 (en) 2012-11-30 2015-04-21 Dynamics Inc. Dynamic magnetic stripe communications device with stepped magnetic material for magnetic cards and devices
US9010647B2 (en) 2012-10-29 2015-04-21 Dynamics Inc. Multiple sensor detector systems and detection methods of magnetic cards and devices
US9033218B1 (en) 2012-05-15 2015-05-19 Dynamics Inc. Cards, devices, systems, methods and dynamic security codes
USD729869S1 (en) 2012-08-27 2015-05-19 Dynamics Inc. Interactive electronic card with display and button
USD729870S1 (en) 2012-08-27 2015-05-19 Dynamics Inc. Interactive electronic card with display and button
USD729871S1 (en) 2012-08-27 2015-05-19 Dynamics Inc. Interactive electronic card with display and buttons
USD730439S1 (en) 2012-08-27 2015-05-26 Dynamics Inc. Interactive electronic card with buttons
USD730438S1 (en) 2012-08-27 2015-05-26 Dynamics Inc. Interactive electronic card with display and button
US9053398B1 (en) 2010-08-12 2015-06-09 Dynamics Inc. Passive detection mechanisms for magnetic cards and devices
US9064195B2 (en) 2012-06-29 2015-06-23 Dynamics Inc. Multiple layer card circuit boards
US9112850B1 (en) 2009-03-25 2015-08-18 The 41St Parameter, Inc. Systems and methods of sharing information through a tag-based consortium
USD737373S1 (en) 2013-09-10 2015-08-25 Dynamics Inc. Interactive electronic card with contact connector
USD750167S1 (en) 2013-03-04 2016-02-23 Dynamics Inc. Interactive electronic card with buttons
USD750166S1 (en) 2013-03-04 2016-02-23 Dynamics Inc. Interactive electronic card with display and buttons
USD750168S1 (en) 2013-03-04 2016-02-23 Dynamics Inc. Interactive electronic card with display and button
USD751639S1 (en) 2013-03-04 2016-03-15 Dynamics Inc. Interactive electronic card with display and button
USD751640S1 (en) 2013-03-04 2016-03-15 Dynamics Inc. Interactive electronic card with display and button
US9306666B1 (en) 2009-10-08 2016-04-05 Dynamics Inc. Programming protocols for powered cards and devices
US9329619B1 (en) 2009-04-06 2016-05-03 Dynamics Inc. Cards with power management
US9384348B2 (en) 2004-04-29 2016-07-05 James A. Roskind Identity theft countermeasures
USD764584S1 (en) 2013-03-04 2016-08-23 Dynamics Inc. Interactive electronic card with buttons
USD765174S1 (en) 2013-03-04 2016-08-30 Dynamics Inc. Interactive electronic card with button
USD765173S1 (en) 2013-03-04 2016-08-30 Dynamics Inc. Interactive electronic card with display and button
USD767024S1 (en) 2013-09-10 2016-09-20 Dynamics Inc. Interactive electronic card with contact connector
US9521551B2 (en) 2012-03-22 2016-12-13 The 41St Parameter, Inc. Methods and systems for persistent cross-application mobile device identification
USD777252S1 (en) 2013-03-04 2017-01-24 Dynamics Inc. Interactive electronic card with buttons
US9619741B1 (en) 2011-11-21 2017-04-11 Dynamics Inc. Systems and methods for synchronization mechanisms for magnetic cards and devices
US9633201B1 (en) 2012-03-01 2017-04-25 The 41St Parameter, Inc. Methods and systems for fraud containment
US9646240B1 (en) 2010-11-05 2017-05-09 Dynamics Inc. Locking features for powered cards and devices
US9659246B1 (en) 2012-11-05 2017-05-23 Dynamics Inc. Dynamic magnetic stripe communications device with beveled magnetic material for magnetic cards and devices
US9703983B2 (en) 2005-12-16 2017-07-11 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
USD792513S1 (en) 2010-07-09 2017-07-18 Dynamics Inc. Display with font
US9710802B2 (en) 2009-04-28 2017-07-18 Visa International Service Association Merchant competition alert
USD792512S1 (en) 2010-07-09 2017-07-18 Dynamics Inc. Display with font
US9710745B1 (en) 2012-02-09 2017-07-18 Dynamics Inc. Systems and methods for automated assembly of dynamic magnetic stripe communications devices
USD792511S1 (en) 2010-07-09 2017-07-18 Dynamics Inc. Display with font
US9734669B1 (en) 2012-04-02 2017-08-15 Dynamics Inc. Cards, devices, systems, and methods for advanced payment game of skill and game of chance functionality
US9754256B2 (en) 2010-10-19 2017-09-05 The 41St Parameter, Inc. Variable risk engine
US9818125B2 (en) 2011-02-16 2017-11-14 Dynamics Inc. Systems and methods for information exchange mechanisms for powered cards and devices
US9836680B1 (en) 2011-03-03 2017-12-05 Dynamics Inc. Systems and methods for advanced communication mechanisms for magnetic cards and devices
US9916992B2 (en) 2012-02-20 2018-03-13 Dynamics Inc. Systems and methods for flexible components for powered cards and devices
US9972013B2 (en) 2013-08-15 2018-05-15 Mastercard International Incorporated Internet site authentication with payments authorization data
US9990631B2 (en) 2012-11-14 2018-06-05 The 41St Parameter, Inc. Systems and methods of global identification
US10022884B1 (en) 2010-10-15 2018-07-17 Dynamics Inc. Systems and methods for alignment techniques for magnetic cards and devices
US10032049B2 (en) 2016-02-23 2018-07-24 Dynamics Inc. Magnetic cards and devices for motorized readers
US10055614B1 (en) 2010-08-12 2018-08-21 Dynamics Inc. Systems and methods for advanced detection mechanisms for magnetic cards and devices
US10062024B1 (en) 2012-02-03 2018-08-28 Dynamics Inc. Systems and methods for spike suppression for dynamic magnetic stripe communications devices
USD828870S1 (en) 2012-08-27 2018-09-18 Dynamics Inc. Display card
US10091312B1 (en) 2014-10-14 2018-10-02 The 41St Parameter, Inc. Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups
US10095970B1 (en) 2011-01-31 2018-10-09 Dynamics Inc. Cards including anti-skimming devices
US10108891B1 (en) 2014-03-21 2018-10-23 Dynamics Inc. Exchange coupled amorphous ribbons for electronic stripes
US10230755B2 (en) * 2003-12-11 2019-03-12 Huawei Technologies Co., Ltd. Fraud prevention via distinctive URL display
US10270776B2 (en) * 2012-04-20 2019-04-23 Ologn Technologies Ag Secure zone for secure transactions
US10417637B2 (en) 2012-08-02 2019-09-17 The 41St Parameter, Inc. Systems and methods for accessing records via derivative locators
US10453066B2 (en) 2003-07-01 2019-10-22 The 41St Parameter, Inc. Keystroke analysis
US10484338B2 (en) 2012-04-13 2019-11-19 Ologn Technologies Ag Secure zone for digital communications
US10504105B2 (en) 2010-05-18 2019-12-10 Dynamics Inc. Systems and methods for cards and devices operable to communicate to touch sensitive displays
US10693263B1 (en) 2010-03-16 2020-06-23 Dynamics Inc. Systems and methods for audio connectors for powered cards and devices
US10902327B1 (en) 2013-08-30 2021-01-26 The 41St Parameter, Inc. System and method for device identification and uniqueness
US10949627B2 (en) 2012-12-20 2021-03-16 Dynamics Inc. Systems and methods for non-time smearing detection mechanisms for magnetic cards and devices
US11100431B2 (en) 2011-05-10 2021-08-24 Dynamics Inc. Systems and methods for mobile authorizations
US11126997B1 (en) 2012-10-02 2021-09-21 Dynamics Inc. Cards, devices, systems, and methods for a fulfillment system
US11164206B2 (en) * 2018-11-16 2021-11-02 Comenity Llc Automatically aggregating, evaluating, and providing a contextually relevant offer
US11176546B2 (en) 2013-03-15 2021-11-16 Ologn Technologies Ag Systems, methods and apparatuses for securely storing and providing payment information
US11301585B2 (en) 2005-12-16 2022-04-12 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US11314838B2 (en) 2011-11-15 2022-04-26 Tapad, Inc. System and method for analyzing user device information
US11409971B1 (en) 2011-10-23 2022-08-09 Dynamics Inc. Programming and test modes for powered cards and devices
US11418483B1 (en) 2012-04-19 2022-08-16 Dynamics Inc. Cards, devices, systems, and methods for zone-based network management
US11551046B1 (en) 2011-10-19 2023-01-10 Dynamics Inc. Stacked dynamic magnetic stripe commmunications device for magnetic cards and devices
US11645377B1 (en) * 2017-08-17 2023-05-09 Walgreen Co. Online authentication and security management using device-based identification
US11924242B2 (en) * 2021-01-25 2024-03-05 Huawei Technologies Co., Ltd. Fraud prevention via distinctive URL display

Families Citing this family (79)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7730321B2 (en) 2003-05-09 2010-06-01 Emc Corporation System and method for authentication of users and communications received from computer systems
US7966492B1 (en) 2002-05-10 2011-06-21 Emc Corporation System and method for allowing an e-mail message recipient to authenticate the message
US20060129681A1 (en) * 2002-08-19 2006-06-15 Axalto Sa Secured method to exchange data between data between browser and a web site
US7660790B1 (en) * 2005-02-24 2010-02-09 Symantec Operating Corporation Method and apparatus for utilizing a file change log
WO2005003907A2 (en) * 2003-06-26 2005-01-13 Ebay Inc. Method and apparatus to authenticate and authorize user access to a system
US7610617B2 (en) * 2003-12-23 2009-10-27 Wells Fargo Bank, N.A. Authentication system for networked computer applications
US20050177724A1 (en) * 2004-01-16 2005-08-11 Valiuddin Ali Authentication system and method
US7882361B2 (en) * 2004-02-05 2011-02-01 Oracle America, Inc. Method and system for accepting a pass code
US8171303B2 (en) * 2004-11-03 2012-05-01 Astav, Inc. Authenticating a login
US8195952B2 (en) 2004-12-14 2012-06-05 International Business Machines Corporation System and method of facilitating the identification of a computer on a network
US11288666B1 (en) * 2005-02-02 2022-03-29 Edge Mobile Payments Llc System and method for real-time processing of on-line financial transactions using a universal financial token and a remotely located rule-module clearinghouse
US20070162961A1 (en) * 2005-02-25 2007-07-12 Kelvin Tarrance Identification authentication methods and systems
US7890634B2 (en) * 2005-03-18 2011-02-15 Microsoft Corporation Scalable session management
US8694589B2 (en) 2005-03-31 2014-04-08 Google Inc. Methods and systems for saving draft electronic communications
US8886706B1 (en) 2005-03-31 2014-11-11 Google Inc. Server-based backup system for user data
US7506163B2 (en) * 2005-04-01 2009-03-17 Ve Networks Methods and apparatuses for security visualization
US20080035738A1 (en) * 2005-05-09 2008-02-14 Mullen Jeffrey D Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US20060259767A1 (en) * 2005-05-16 2006-11-16 Mansz Robert P Methods and apparatuses for information authentication and user interface feedback
US8943304B2 (en) 2006-08-03 2015-01-27 Citrix Systems, Inc. Systems and methods for using an HTTP-aware client agent
US9692725B2 (en) 2005-05-26 2017-06-27 Citrix Systems, Inc. Systems and methods for using an HTTP-aware client agent
US9407608B2 (en) 2005-05-26 2016-08-02 Citrix Systems, Inc. Systems and methods for enhanced client side policy
US7584281B2 (en) * 2005-06-07 2009-09-01 Datasynapse, Inc. Method for allocating shared computing infrastructure for application server-based deployments
KR101355496B1 (en) 2005-08-29 2014-01-28 디 인벤션 사이언스 펀드 원, 엘엘씨 Scheduling mechanism of a hierarchical processor including multiple parallel clusters
KR100654039B1 (en) 2005-11-14 2006-12-05 에스케이 텔레콤주식회사 Authentication for service server in wireless internet and settlement using the same
GB2434662A (en) * 2006-01-13 2007-08-01 Deepnet Technologies Ltd Authenticating a server to a user by displaying an image
CN101427510B (en) * 2006-03-09 2011-05-11 威斯科数据安全国际有限公司 Digipass for the web-functional description
US20070244831A1 (en) * 2006-04-18 2007-10-18 Kuo James Shaw-Han System and method for secure online transaction
US8560595B2 (en) * 2006-06-23 2013-10-15 Microsoft Corporation Virtualization of mobile device user experience
US20080034428A1 (en) * 2006-07-17 2008-02-07 Yahoo! Inc. Anti-phishing for client devices
US8010996B2 (en) * 2006-07-17 2011-08-30 Yahoo! Inc. Authentication seal for online applications
US7770002B2 (en) * 2006-08-17 2010-08-03 Fiserv, Inc. Multi-factor authentication
US20080072295A1 (en) * 2006-09-20 2008-03-20 Nathaniel Solomon Borenstein Method and System for Authentication
JP4607082B2 (en) * 2006-09-27 2011-01-05 株式会社エヌ・ティ・ティ・データ Information processing apparatus, management method, and computer program
US8060916B2 (en) * 2006-11-06 2011-11-15 Symantec Corporation System and method for website authentication using a shared secret
US20080127319A1 (en) * 2006-11-29 2008-05-29 Yahoo! Inc. Client based online fraud prevention
US8108918B2 (en) * 2007-02-27 2012-01-31 Red Hat, Inc. Zero knowledge attribute storage and retrieval
US20080220872A1 (en) * 2007-03-08 2008-09-11 Timothy Michael Midgley Method and apparatus for issuing a challenge prompt in a gaming environment
US8584232B2 (en) 2007-04-23 2013-11-12 Sap Ag Enhanced cross-site attack prevention
US8191117B2 (en) * 2007-10-25 2012-05-29 Anchorfree, Inc. Location-targeted online services
US8297506B2 (en) * 2008-01-04 2012-10-30 E-Government Consulting Group, Inc. Systems and methods for secure voting
US8208375B2 (en) * 2008-03-17 2012-06-26 Microsoft Corporation Selective filtering of network traffic requests
US8438622B2 (en) * 2008-07-10 2013-05-07 Honesty Online, Llc Methods and apparatus for authorizing access to data
US8656462B2 (en) * 2008-07-24 2014-02-18 Zscaler, Inc. HTTP authentication and authorization management
US9379895B2 (en) 2008-07-24 2016-06-28 Zscaler, Inc. HTTP authentication and authorization management
KR101614945B1 (en) * 2008-08-20 2016-04-25 삼성전자주식회사 Method and apparatus for protecting of pravacy in home network
US20100161468A1 (en) * 2008-12-18 2010-06-24 Hickman Justin A Systems and methods for authenticating parties engaging in a financial transaction
US8555069B2 (en) * 2009-03-06 2013-10-08 Microsoft Corporation Fast-reconnection of negotiable authentication network clients
US20100293604A1 (en) * 2009-05-14 2010-11-18 Microsoft Corporation Interactive authentication challenge
US8489685B2 (en) 2009-07-17 2013-07-16 Aryaka Networks, Inc. Application acceleration as a service system and method
US9444620B1 (en) * 2010-06-24 2016-09-13 F5 Networks, Inc. Methods for binding a session identifier to machine-specific identifiers and systems thereof
US8732855B2 (en) * 2010-09-30 2014-05-20 Google Inc. Launching a cached web application based on authentication status
US20120136708A1 (en) * 2010-11-30 2012-05-31 Amazon Technologies, Inc. Digital Coupon System
US20120136707A1 (en) * 2010-11-30 2012-05-31 Amazon Technologies, Inc. Digital Coupon System
WO2012092261A2 (en) 2010-12-29 2012-07-05 Citrix Systems, Inc. Systems and methods for multi-level tagging of encrypted items for additional security and efficient encrypted item determination
JP5960690B2 (en) * 2011-04-19 2016-08-02 株式会社Murakumo Network access system
US20120280789A1 (en) * 2011-05-02 2012-11-08 Apigy Inc. Systems and methods for controlling a locking mechanism using a portable electronic device
US8346672B1 (en) * 2012-04-10 2013-01-01 Accells Technologies (2009), Ltd. System and method for secure transaction process via mobile device
JP5677899B2 (en) * 2011-06-16 2015-02-25 株式会社三菱東京Ufj銀行 Information processing apparatus and information processing method
US8959347B2 (en) * 2011-08-29 2015-02-17 Salesforce.Com, Inc. Methods and systems of data security in browser storage
US9256724B2 (en) * 2011-08-30 2016-02-09 Securepush Ltd. Method and system for authorizing an action at a site
US8955066B1 (en) 2012-06-28 2015-02-10 Emc Corporation Knowledge based authentication using recent user internet activity
US9087020B1 (en) * 2012-07-05 2015-07-21 A9.Com, Inc. Managing and retrieving content from a shared storage
US10540693B1 (en) 2012-08-20 2020-01-21 Amazon Technologies, Inc. Advertisements responsive to coupon states
US9300644B1 (en) * 2013-02-22 2016-03-29 Symantec Corporation Knowledge-based authentication based on tracked credential usage
US9584489B2 (en) * 2015-01-29 2017-02-28 Google Inc. Controlling access to resource functions at a control point of the resource via a user device
US20160241536A1 (en) * 2015-02-13 2016-08-18 Wepay, Inc. System and methods for user authentication across multiple domains
US10089654B1 (en) 2015-09-24 2018-10-02 Amazon Technologies, Inc. Detecting expired content within slots in a user interface
CN105630981A (en) * 2015-12-25 2016-06-01 小米科技有限责任公司 Network resource loading and configuration method and device
US9613221B1 (en) * 2015-12-30 2017-04-04 Quixey, Inc. Signed application cards
JP2017162214A (en) * 2016-03-09 2017-09-14 富士通株式会社 Proximity communication device, proximity communication method, and proximity communication program
US11063758B1 (en) 2016-11-01 2021-07-13 F5 Networks, Inc. Methods for facilitating cipher selection and devices thereof
US11418364B2 (en) 2017-06-07 2022-08-16 Combined Conditional Access Development And Support, Llc Determining a session key using session data
WO2019028039A1 (en) 2017-08-01 2019-02-07 The Chamberlain Group, Inc. System for facilitating access to a secured area
US11055942B2 (en) 2017-08-01 2021-07-06 The Chamberlain Group, Inc. System and method for facilitating access to a secured area
CN108494739B (en) * 2018-03-01 2021-01-15 武汉噢易云计算股份有限公司 Mac machine room batch login method and system
US11507711B2 (en) 2018-05-18 2022-11-22 Dollypup Productions, Llc. Customizable virtual 3-dimensional kitchen components
US10887345B1 (en) * 2019-06-26 2021-01-05 Paypal, Inc. Protecting users from phishing attempts
JP7042976B2 (en) * 2019-07-04 2022-03-28 三菱電機株式会社 Information processing equipment and information processing method
US11741213B2 (en) * 2021-06-24 2023-08-29 Bank Of America Corporation Systems for enhanced bilateral machine security

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6006328A (en) 1995-07-14 1999-12-21 Christopher N. Drake Computer software authentication, protection, and security system
US6161139A (en) * 1998-07-10 2000-12-12 Encommerce, Inc. Administrative roles that govern access to administrative functions
EP1128628A1 (en) * 2000-02-23 2001-08-29 Tradesafely.com Limited Method and apparatus for Internet web site authentication
US20010045451A1 (en) * 2000-02-28 2001-11-29 Tan Warren Yung-Hang Method and system for token-based authentication
US6374359B1 (en) * 1998-11-19 2002-04-16 International Business Machines Corporation Dynamic use and validation of HTTP cookies for authentication
US6401125B1 (en) 1999-08-05 2002-06-04 Nextpage, Inc. System and method for maintaining state information between a web proxy server and its clients
US20020124172A1 (en) * 2001-03-05 2002-09-05 Brian Manahan Method and apparatus for signing and validating web pages
US20030046551A1 (en) * 2001-08-24 2003-03-06 Sean Brennan System and method for accomplishing two-factor user authentication using the internet
WO2003044641A1 (en) * 2001-11-16 2003-05-30 Comodo Research Lab Limited Improvements in and relating to web site authentication
US6632248B1 (en) 1996-12-06 2003-10-14 Microsoft Corporation Customization of network documents by accessing customization information on a server computer using uniquie user identifiers
US6691232B1 (en) * 1999-08-05 2004-02-10 Sun Microsystems, Inc. Security architecture with environment sensitive credential sufficiency evaluation
US6715080B1 (en) * 1998-10-01 2004-03-30 Unisys Corporation Making CGI variables and cookie information available to an OLTP system

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6460141B1 (en) 1998-10-28 2002-10-01 Rsa Security Inc. Security and access management system for web-enabled and non-web-enabled applications and content on a computer network
US6985953B1 (en) * 1998-11-30 2006-01-10 George Mason University System and apparatus for storage and transfer of secure data on web
AU7116800A (en) * 1999-09-09 2001-04-10 American Express Travel Related Services Company, Inc. System and method for authenticating a web page
US6950949B1 (en) * 1999-10-08 2005-09-27 Entrust Limited Method and apparatus for password entry using dynamic interface legitimacy information
ATE272285T1 (en) * 2000-02-23 2004-08-15 Tradesafely Com Ltd METHOD AND DEVICE FOR VERIFYING INTERNET WEB SITES
CA2327078C (en) * 2000-11-30 2005-01-11 Ibm Canada Limited-Ibm Canada Limitee Secure session management and authentication for web sites
US7100049B2 (en) * 2002-05-10 2006-08-29 Rsa Security Inc. Method and apparatus for authentication of users and web sites

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6006328A (en) 1995-07-14 1999-12-21 Christopher N. Drake Computer software authentication, protection, and security system
US6632248B1 (en) 1996-12-06 2003-10-14 Microsoft Corporation Customization of network documents by accessing customization information on a server computer using uniquie user identifiers
US6161139A (en) * 1998-07-10 2000-12-12 Encommerce, Inc. Administrative roles that govern access to administrative functions
US6715080B1 (en) * 1998-10-01 2004-03-30 Unisys Corporation Making CGI variables and cookie information available to an OLTP system
US6374359B1 (en) * 1998-11-19 2002-04-16 International Business Machines Corporation Dynamic use and validation of HTTP cookies for authentication
US6401125B1 (en) 1999-08-05 2002-06-04 Nextpage, Inc. System and method for maintaining state information between a web proxy server and its clients
US6691232B1 (en) * 1999-08-05 2004-02-10 Sun Microsystems, Inc. Security architecture with environment sensitive credential sufficiency evaluation
EP1128628A1 (en) * 2000-02-23 2001-08-29 Tradesafely.com Limited Method and apparatus for Internet web site authentication
US20010045451A1 (en) * 2000-02-28 2001-11-29 Tan Warren Yung-Hang Method and system for token-based authentication
US20020124172A1 (en) * 2001-03-05 2002-09-05 Brian Manahan Method and apparatus for signing and validating web pages
US20030046551A1 (en) * 2001-08-24 2003-03-06 Sean Brennan System and method for accomplishing two-factor user authentication using the internet
WO2003044641A1 (en) * 2001-11-16 2003-05-30 Comodo Research Lab Limited Improvements in and relating to web site authentication

Non-Patent Citations (12)

* Cited by examiner, † Cited by third party
Title
"Challenge-response test." Wikipedia entry. http://www.fact-index.com/c/ch/challenge<SUB>-</SUB>response<SUB>-</SUB>test.html.
"Verified by Visa" Online Demonstration, Password Window Details, "Personal Message", 2002. http://usa.visa.com/personal/secure<SUB>-</SUB>with<SUB>-</SUB>visa/verified/how<SUB>-</SUB>it<SUB>-</SUB>works.html.
Anshu, Nahar. "RE: 3D Secure Vulnerabilities?" Online forum, Oct. 24, 2001. http://lists.commerce.net/archives/set-discuss/200110/msg00004.html.
Merkow, Mark. "Visa Prepares To Roll Out 'Verified by Visa' Service." Earthweb.com, Aug. 02, 2001. http://news.earthweb.com/wireless/print.php/858951.
PCT International Search Report Mailed Dec. 9, 2005.
PCT, International Preliminary Report On Patentability, Nov. 24, 2005, Wipo.
Rachna Dhamija, J.D. Tygar, The Battle Against Phishing: Dynamic Security Skins, Symposium on Usable Privacy and Security (SOUPS), Jul. 6-8, 2005, Pittsburgh, PA, USA, 12 pages.
Radwin, Michael J. "A Challenge-Response Protocol with Digital Signatures." May 1997. http://www.radwin.org/michael/projects/jnfs/paper/node32.html.
Tally, Gregg, Roshan Thomas and Tom Van Vleck. "Anti-Phishing: Best Practices for Institutions and Consumers." McAfee Security research, Mar. 2004. Santa Clara, CA.
Tally, Gregg. "How Phishing Can Impact You and Your Organization." Power Point presentation. McAfee Research. Mar. 2004.
Visa U.S.A. Press Release. "CDNOW Makes Online Payments More Secure With Visa Payer Authentication." Aug. 01, 2001. San Francisco. http://usa.visa.com/personal/newsroom/press<SUB>-</SUB>releases/nr24.html.
Written Opinion of the International Searching Authority Mailed Dec. 9, 2005.

Cited By (486)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020103645A1 (en) * 2001-01-31 2002-08-01 Hitachi, Ltd. Authenticity output method and its apparatus, and processing program
US7269852B2 (en) * 2001-01-31 2007-09-11 Hitachi, Ltd. Authenticity output method and its apparatus, and processing program
US20030129006A1 (en) * 2001-12-14 2003-07-10 Hitachi Printing Solutions, Ltd. Multi-color printer and method therefor
US7346775B2 (en) * 2002-05-10 2008-03-18 Rsa Security Inc. System and method for authentication of users and web sites
US7562222B2 (en) * 2002-05-10 2009-07-14 Rsa Security Inc. System and method for authenticating entities to users
US20060288213A1 (en) * 2002-05-10 2006-12-21 Gasparini Louis A System and method for authentication of users and web sites
US20050268100A1 (en) * 2002-05-10 2005-12-01 Gasparini Louis A System and method for authenticating entities to users
US7523490B2 (en) 2002-05-15 2009-04-21 Microsoft Corporation Session key security protocol
US7971240B2 (en) 2002-05-15 2011-06-28 Microsoft Corporation Session key security protocol
US20030217288A1 (en) * 2002-05-15 2003-11-20 Microsoft Corporation Session key secruity protocol
US7356711B1 (en) 2002-05-30 2008-04-08 Microsoft Corporation Secure registration
US20040148517A1 (en) * 2003-01-23 2004-07-29 International Business Machines System, method and program product for managing user account information
US7496760B2 (en) * 2003-01-23 2009-02-24 International Business Machines Corporation System, method and program product for managing user account information
US8776199B2 (en) * 2003-02-05 2014-07-08 Microsoft Corporation Authentication of a server by a client to prevent fraudulent user interfaces
US20100115594A1 (en) * 2003-02-05 2010-05-06 Microsoft Corporation Authentication of a server by a client to prevent fraudulent user interfaces
US7685631B1 (en) * 2003-02-05 2010-03-23 Microsoft Corporation Authentication of a server by a client to prevent fraudulent user interfaces
US7743246B2 (en) 2003-04-10 2010-06-22 Cisco Technology, Inc. Method and apparatus for securely exchanging cryptographic identities through a mutually trusted intermediary
US20090037727A1 (en) * 2003-04-10 2009-02-05 Max Pritikin Method and apparatus for securely exchanging cryptographic identities through a mutually trusted intermediary
US20040205960A1 (en) * 2003-04-15 2004-10-21 Mitsuhiko Miyazaki Electric part handling device
US10453066B2 (en) 2003-07-01 2019-10-22 The 41St Parameter, Inc. Keystroke analysis
US11238456B2 (en) 2003-07-01 2022-02-01 The 41St Parameter, Inc. Keystroke analysis
US7552330B2 (en) * 2003-08-27 2009-06-23 Mnemonic Security Limited Mutual authentication system between user and system
US20060230435A1 (en) * 2003-08-27 2006-10-12 Hitoshi Kokumai Mutual authentication system between user and system
US8271588B1 (en) * 2003-09-24 2012-09-18 Symantec Corporation System and method for filtering fraudulent email messages
US7475425B2 (en) * 2003-11-18 2009-01-06 International Business Machines Corporation Internet site authentication service
US20080028465A1 (en) * 2003-11-18 2008-01-31 International Business Machines Corporation Internet site authentication service
US20210243222A1 (en) * 2003-12-11 2021-08-05 Huawei Technologies Co., Ltd. Fraud prevention via distinctive url display
US20060167799A1 (en) * 2003-12-11 2006-07-27 Wehunt Nathan P Client-server-type security system, such as a security system for use with computer network consumer transactions
US10270800B2 (en) 2003-12-11 2019-04-23 Huawei Technologies Co., Ltd. Method for computer security based on message and message sender
US11689559B2 (en) 2003-12-11 2023-06-27 Huawei Technologies Co., Ltd. Anti-phishing
US10230755B2 (en) * 2003-12-11 2019-03-12 Huawei Technologies Co., Ltd. Fraud prevention via distinctive URL display
US10972499B2 (en) * 2003-12-11 2021-04-06 Huawei Technologies Co., Ltd. Fraud prevention via distinctive URL display
US11005881B2 (en) 2003-12-11 2021-05-11 Huawei Technologies Co., Ltd. Anti-phishing
US9191215B2 (en) 2003-12-30 2015-11-17 Entrust, Inc. Method and apparatus for providing authentication using policy-controlled authentication articles and techniques
US20060156385A1 (en) * 2003-12-30 2006-07-13 Entrust Limited Method and apparatus for providing authentication using policy-controlled authentication articles and techniques
US9519770B2 (en) 2003-12-30 2016-12-13 Entrust, Inc. Transaction card for providing electronic message authentication
US20050144449A1 (en) * 2003-12-30 2005-06-30 Entrust Limited Method and apparatus for providing mutual authentication between a sending unit and a recipient
US20070005967A1 (en) * 2003-12-30 2007-01-04 Entrust Limited Method and apparatus for providing authentication between a sending unit and a recipient based on challenge usage data
US20050144451A1 (en) * 2003-12-30 2005-06-30 Entrust Limited Method and apparatus for providing electronic message authentication
US20050149761A1 (en) * 2003-12-30 2005-07-07 Entrust Limited Method and apparatus for securely providing identification information using translucent identification member
US20060015725A1 (en) * 2003-12-30 2006-01-19 Entrust Limited Offline methods for authentication in a client/server authentication system
US9876793B2 (en) 2003-12-30 2018-01-23 Entrust, Inc. Offline methods for authentication in a client/server authentication system
US8612757B2 (en) 2003-12-30 2013-12-17 Entrust, Inc. Method and apparatus for securely providing identification information using translucent identification member
US9100194B2 (en) 2003-12-30 2015-08-04 Entrust Inc. Method and apparatus for providing authentication between a sending unit and a recipient based on challenge usage data
US8966579B2 (en) 2003-12-30 2015-02-24 Entrust, Inc. Method and apparatus for providing authentication between a sending unit and a recipient based on challenge usage data
US8060915B2 (en) * 2003-12-30 2011-11-15 Entrust, Inc. Method and apparatus for providing electronic message authentication
US8230486B2 (en) 2003-12-30 2012-07-24 Entrust, Inc. Method and apparatus for providing mutual authentication between a sending unit and a recipient
US10009378B2 (en) 2003-12-30 2018-06-26 Entrust, Inc. Method and apparatus for providing authentication using policy-controlled authentication articles and techniques
US9281945B2 (en) 2003-12-30 2016-03-08 Entrust, Inc. Offline methods for authentication in a client/server authentication system
US20070288743A1 (en) * 2004-01-12 2007-12-13 Cisco Technology, Inc. Enabling stateless server-based pre-shared secrets
US8166301B2 (en) * 2004-01-12 2012-04-24 Cisco Technology, Inc. Enabling stateless server-based pre-shared secrets
US20050172229A1 (en) * 2004-01-29 2005-08-04 Arcot Systems, Inc. Browser user-interface security application
US8423471B1 (en) * 2004-02-04 2013-04-16 Radix Holdings, Llc Protected document elements
US7853533B2 (en) 2004-03-02 2010-12-14 The 41St Parameter, Inc. Method and system for identifying users and detecting fraud by use of the internet
US10999298B2 (en) 2004-03-02 2021-05-04 The 41St Parameter, Inc. Method and system for identifying users and detecting fraud by use of the internet
US8862514B2 (en) 2004-03-02 2014-10-14 The 41St Parameter, Inc. Method and system for identifying users and detecting fraud by use of the internet
US20070239606A1 (en) * 2004-03-02 2007-10-11 Ori Eisen Method and system for identifying users and detecting fraud by use of the internet
US20090037213A1 (en) * 2004-03-02 2009-02-05 Ori Eisen Method and system for identifying users and detecting fraud by use of the internet
US20110082768A1 (en) * 2004-03-02 2011-04-07 The 41St Parameter, Inc. Method and System for Identifying Users and Detecting Fraud by Use of the Internet
US11683326B2 (en) 2004-03-02 2023-06-20 The 41St Parameter, Inc. Method and system for identifying users and detecting fraud by use of the internet
US20050228998A1 (en) * 2004-04-02 2005-10-13 Microsoft Corporation Public key infrastructure scalability certificate revocation status validation
US7437551B2 (en) 2004-04-02 2008-10-14 Microsoft Corporation Public key infrastructure scalability certificate revocation status validation
US20050228782A1 (en) * 2004-04-07 2005-10-13 Alexandre Bronstein Authenticating a web site with user-provided indicators
WO2005101185A2 (en) * 2004-04-07 2005-10-27 Astav, Inc Authenticating a web site with user-provided indicators
WO2005101185A3 (en) * 2004-04-07 2008-01-10 Astav Inc Authenticating a web site with user-provided indicators
US20060090073A1 (en) * 2004-04-27 2006-04-27 Shira Steinberg System and method of using human friendly representations of mathematical values and activity analysis to confirm authenticity
US7971246B1 (en) * 2004-04-29 2011-06-28 James A. Roskind Identity theft countermeasures
US8381293B2 (en) * 2004-04-29 2013-02-19 James A. Roskind Identity theft countermeasures
US9832225B2 (en) * 2004-04-29 2017-11-28 James A. Roskind Identity theft countermeasures
US20110225652A1 (en) * 2004-04-29 2011-09-15 Emigh Aaron T Identity theft countermeasures
US9384348B2 (en) 2004-04-29 2016-07-05 James A. Roskind Identity theft countermeasures
US20100095352A1 (en) * 2004-04-30 2010-04-15 Research In Motion Limited Message Service Indication System and Method
US7992216B2 (en) * 2004-04-30 2011-08-02 Research In Motion Limited Message service indication system and method
US7549171B2 (en) * 2004-06-10 2009-06-16 Hitachi, Ltd. Method and apparatus for validation of application data on a storage system
US20060026421A1 (en) * 2004-06-15 2006-02-02 Gasparini Louis A System and method for making accessible a set of services to users
US8261336B2 (en) * 2004-06-15 2012-09-04 Emc Corporation System and method for making accessible a set of services to users
US8583921B1 (en) * 2004-06-30 2013-11-12 Lingyan Shu Method and system for identity authentication
US20070165849A1 (en) * 2004-07-07 2007-07-19 Varghese Thomas E Online data encryption and decryption
US7596701B2 (en) 2004-07-07 2009-09-29 Oracle International Corporation Online data encryption and decryption
US7822990B2 (en) 2004-07-07 2010-10-26 Oracle International Corporation Online data encryption and decryption
US8484455B2 (en) 2004-07-07 2013-07-09 Oracle International Corporation Online data encryption and decryption
US20060104446A1 (en) * 2004-07-07 2006-05-18 Varghese Thomas E Online data encryption and decryption
US7616764B2 (en) 2004-07-07 2009-11-10 Oracle International Corporation Online data encryption and decryption
US20070192615A1 (en) * 2004-07-07 2007-08-16 Varghese Thomas E Online data encryption and decryption
US20060020815A1 (en) * 2004-07-07 2006-01-26 Bharosa Inc. Online data encryption and decryption
US20110055548A1 (en) * 2004-07-07 2011-03-03 Oracle International Corporation Online data encryption and decryption
US8412837B1 (en) 2004-07-08 2013-04-02 James A. Roskind Data privacy
US9450754B2 (en) 2004-07-08 2016-09-20 James A. Roskind Data privacy
US8533791B2 (en) 2004-07-15 2013-09-10 Anakam, Inc. System and method for second factor authentication services
US8219822B2 (en) 2004-07-15 2012-07-10 Anakam, Inc. System and method for blocking unauthorized network log in using stolen password
US7676834B2 (en) 2004-07-15 2010-03-09 Anakam L.L.C. System and method for blocking unauthorized network log in using stolen password
US20070266257A1 (en) * 2004-07-15 2007-11-15 Allan Camaisa System and method for blocking unauthorized network log in using stolen password
US8079070B2 (en) * 2004-07-15 2011-12-13 Anakam LLC System and method for blocking unauthorized network log in using stolen password
US20090259848A1 (en) * 2004-07-15 2009-10-15 Williams Jeffrey B Out of band system and method for authentication
US8528078B2 (en) 2004-07-15 2013-09-03 Anakam, Inc. System and method for blocking unauthorized network log in using stolen password
US9047473B2 (en) 2004-07-15 2015-06-02 Anakam, Inc. System and method for second factor authentication services
US20080250477A1 (en) * 2004-07-15 2008-10-09 Anakam Inc. System and method for second factor authentication services
US20060015743A1 (en) * 2004-07-15 2006-01-19 Anakam L.L.C. System and method for blocking unauthorized network log in using stolen password
US20100100967A1 (en) * 2004-07-15 2010-04-22 Douglas James E Secure collaborative environment
US20060015742A1 (en) * 2004-07-15 2006-01-19 Allan Camaisa System and method for blocking unauthorized network log in using stolen password
US8296562B2 (en) 2004-07-15 2012-10-23 Anakam, Inc. Out of band system and method for authentication
US20060059111A1 (en) * 2004-09-10 2006-03-16 Tucker David M Authentication method for securely disclosing confidential information over the internet
US7451308B2 (en) * 2004-10-12 2008-11-11 Sap Ag Method and system to automatically evaluate a participant in a trust management infrastructure
US20060080195A1 (en) * 2004-10-12 2006-04-13 Yucel Karabulut Method and system to automatically evaluate a participant in a trust management infrastructure
US20060230464A1 (en) * 2004-11-04 2006-10-12 Robbins James P Method for enabling a trusted dialog for collection of sensitive data
US20060095972A1 (en) * 2004-11-04 2006-05-04 International Business Machines Corporation Method for enabling a trusted dialog for collection of sensitive data
US7437767B2 (en) * 2004-11-04 2008-10-14 International Business Machines Corporation Method for enabling a trusted dialog for collection of sensitive data
US8095986B2 (en) 2004-11-04 2012-01-10 International Business Machines Corporation Method for enabling a trusted dialog for collection of sensitive data
US20080172748A1 (en) * 2004-11-04 2008-07-17 International Business Machines Corporation Method for Enabling a Trusted Dialog for Collection of Sensitive Data
US8799381B2 (en) 2004-11-15 2014-08-05 Bank Of America Corporation Method and apparatus for enabling authentication of on-line communications
US7996530B1 (en) 2004-11-15 2011-08-09 Bank Of America Corporation Method and apparatus for enabling authentication of on-line communications
US20080028475A1 (en) * 2004-11-25 2008-01-31 Erez Kalman Method For Authenticating A Website
US8103645B1 (en) * 2005-02-02 2012-01-24 Symantec Corporation Automatic local deployment of site associated cues for antiphishing purposes
US9053399B2 (en) 2005-03-26 2015-06-09 Privasys Method for broadcasting a magnetic stripe data packet from an electronic smart card
US8684267B2 (en) 2005-03-26 2014-04-01 Privasys Method for broadcasting a magnetic stripe data packet from an electronic smart card
US8500019B2 (en) 2005-03-26 2013-08-06 Mark Poidomani Electronic cards and methods for making same
US8540165B2 (en) 2005-03-26 2013-09-24 Privasys, Inc. Laminated electronic card assembly
US8231063B2 (en) 2005-03-26 2012-07-31 Privasys Inc. Electronic card and methods for making same
US8480002B2 (en) 2005-03-26 2013-07-09 Mark Poidomani Conducting a transaction with an electronic card
US8286889B2 (en) 2005-03-26 2012-10-16 Privasys, Inc Electronic financial transaction cards and methods
US8360332B2 (en) 2005-03-26 2013-01-29 Privasys Electronic card
US8302871B2 (en) 2005-03-26 2012-11-06 Privasys, Inc Method for conducting a transaction between a magnetic stripe reader and an electronic card
US20060282660A1 (en) * 2005-04-29 2006-12-14 Varghese Thomas E System and method for fraud monitoring, detection, and tiered user authentication
US7908645B2 (en) 2005-04-29 2011-03-15 Oracle International Corporation System and method for fraud monitoring, detection, and tiered user authentication
US20060288220A1 (en) * 2005-05-02 2006-12-21 Whitehat Security, Inc. In-line website securing system with HTML processor and link verification
AU2006200688B2 (en) * 2005-05-03 2011-03-17 E-Lock Corporation Sdn. Bhd. Internet security
US20060253446A1 (en) * 2005-05-03 2006-11-09 E-Lock Corporation Sdn. Bhd.. Internet security
US8843516B2 (en) * 2005-05-03 2014-09-23 E-Lock Corporation Sdn. Bhd. Internet security
US7793851B2 (en) 2005-05-09 2010-09-14 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US7828220B2 (en) 2005-05-09 2010-11-09 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US7931195B2 (en) 2005-05-09 2011-04-26 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US7954705B2 (en) 2005-05-09 2011-06-07 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US9621666B2 (en) * 2005-05-26 2017-04-11 Citrix Systems, Inc. Systems and methods for enhanced delta compression
US20150026567A1 (en) * 2005-05-26 2015-01-22 Citrix Systems, Inc. Systems and methods for enhanced delta compression
US7895437B2 (en) 2005-05-31 2011-02-22 Vmware, Inc. Augmented single factor split key asymmetric cryptography-key generation and distributor
US7734912B2 (en) 2005-05-31 2010-06-08 Tricipher, Inc. Secure login using single factor split key asymmetric cryptography and an augmenting factor
US20060288079A1 (en) * 2005-05-31 2006-12-21 Deobald Martyn G Security system for personal Internet communicator
US7734911B2 (en) 2005-05-31 2010-06-08 Tricipher, Inc. Secure login using augmented single factor split key asymmetric cryptography
US20070186095A1 (en) * 2005-05-31 2007-08-09 Tricipher, Inc. Secure login using augmented single factor split key asymmetric cryptography
US20070033393A1 (en) * 2005-05-31 2007-02-08 Tricipher, Inc. Secure login using single factor split key asymmetric cryptography and an augmenting factor
US20070033392A1 (en) * 2005-05-31 2007-02-08 Tricipher, Inc. Augmented single factor split key asymmetric cryptography-key generation and distributor
US20070006286A1 (en) * 2005-07-02 2007-01-04 Singhal Tara C System and method for security in global computer transactions that enable reverse-authentication of a server by a client
US8220030B2 (en) * 2005-07-02 2012-07-10 Tara Chand Singhal System and method for security in global computer transactions that enable reverse-authentication of a server by a client
US20090165109A1 (en) * 2005-07-21 2009-06-25 Arcot Systems, Inc. Controlled and client-side authentication module
US9477830B2 (en) 2005-07-21 2016-10-25 Ca, Inc. Controlled and client-side authentication module
US20070037552A1 (en) * 2005-08-11 2007-02-15 Timothy Lee Method and system for performing two factor mutual authentication
US8645683B1 (en) 2005-08-11 2014-02-04 Aaron T. Emigh Verified navigation
US20070121912A1 (en) * 2005-10-14 2007-05-31 Murata Kikai Kabushiki Kaisha Communication device, communication method and communication system
US20070113294A1 (en) * 2005-11-09 2007-05-17 John Field Password Presentation for Multimedia Devices
US7849323B2 (en) * 2005-11-09 2010-12-07 Emc Corporation Password presentation for multimedia devices
US20070256123A1 (en) * 2005-12-01 2007-11-01 Rsa Security, Inc. Detecting and preventing replay in authentication systems
US7810147B2 (en) 2005-12-01 2010-10-05 Emc Corporation Detecting and preventing replay in authentication systems
US20070136573A1 (en) * 2005-12-05 2007-06-14 Joseph Steinberg System and method of using two or more multi-factor authentication mechanisms to authenticate online parties
US9703983B2 (en) 2005-12-16 2017-07-11 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US11301585B2 (en) 2005-12-16 2022-04-12 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US10726151B2 (en) 2005-12-16 2020-07-28 The 41St Parameter, Inc. Methods and apparatus for securely displaying digital images
US20080028447A1 (en) * 2006-02-10 2008-01-31 Rsa Security Inc. Method and system for providing a one time password to work in conjunction with a browser
US8234696B2 (en) 2006-02-10 2012-07-31 Emc Corporation Method and system for providing a one time password to work in conjunction with a browser
US20070234409A1 (en) * 2006-03-31 2007-10-04 Ori Eisen Systems and methods for detection of session tampering and fraud prevention
US8151327B2 (en) 2006-03-31 2012-04-03 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US11727471B2 (en) 2006-03-31 2023-08-15 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US9196004B2 (en) 2006-03-31 2015-11-24 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US9754311B2 (en) 2006-03-31 2017-09-05 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US8826393B2 (en) 2006-03-31 2014-09-02 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US10089679B2 (en) 2006-03-31 2018-10-02 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US11195225B2 (en) 2006-03-31 2021-12-07 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US10535093B2 (en) 2006-03-31 2020-01-14 The 41St Parameter, Inc. Systems and methods for detection of session tampering and fraud prevention
US8739278B2 (en) 2006-04-28 2014-05-27 Oracle International Corporation Techniques for fraud monitoring and detection using application fingerprinting
US20090089869A1 (en) * 2006-04-28 2009-04-02 Oracle International Corporation Techniques for fraud monitoring and detection using application fingerprinting
WO2008014007A2 (en) * 2006-07-28 2008-01-31 Brown University Certification and authentication of data structures
WO2008014007A3 (en) * 2006-07-28 2008-12-24 Univ Brown Certification and authentication of data structures
EP1906331A1 (en) 2006-09-30 2008-04-02 Pitney Bowes, Inc. Enhanced network server authentication using a physical out-of-band channel
US8560457B2 (en) 2006-09-30 2013-10-15 Pitney Bowes Inc. Enhanced network server authentication using a physical out-of-band channel
US20080209526A1 (en) * 2006-12-11 2008-08-28 Oracle International Corporation System and method for personalized security signature
US9106422B2 (en) 2006-12-11 2015-08-11 Oracle International Corporation System and method for personalized security signature
US20100031022A1 (en) * 2006-12-12 2010-02-04 Columbus Venure Capital S .A. R. L. System and method for verifying networked sites
US8356333B2 (en) 2006-12-12 2013-01-15 Bespoke Innovations Sarl System and method for verifying networked sites
US8468351B2 (en) * 2006-12-15 2013-06-18 Codesealer Aps Digital data authentication
US20100017615A1 (en) * 2006-12-15 2010-01-21 Boesgaard Soerensen Hans Martin Digital data authentication
US8949607B2 (en) 2006-12-15 2015-02-03 Codesealer Aps Digital data authentication
US8788419B2 (en) 2006-12-30 2014-07-22 First Data Corporation Method and system for mitigating risk of fraud in internet banking
US20080175377A1 (en) * 2007-01-22 2008-07-24 Global Crypto Systems Methods and Systems for Digital Authentication Using Digitally Signed Images
US8122255B2 (en) 2007-01-22 2012-02-21 Global Crypto Systems Methods and systems for digital authentication using digitally signed images
US7266693B1 (en) * 2007-02-13 2007-09-04 U.S. Bancorp Licensing, Inc. Validated mutual authentication
US20080209529A1 (en) * 2007-02-26 2008-08-28 Banco Bradesco S.A. Transaction integrity and authenticity check process
US10262308B2 (en) 2007-06-25 2019-04-16 Visa U.S.A. Inc. Cardless challenge systems and methods
US11481742B2 (en) 2007-06-25 2022-10-25 Visa U.S.A. Inc. Cardless challenge systems and methods
US8744958B2 (en) 2007-06-25 2014-06-03 Visa U. S. A. Inc. Systems and methods for secure and transparent cardless transactions
US8121942B2 (en) 2007-06-25 2012-02-21 Visa U.S.A. Inc. Systems and methods for secure and transparent cardless transactions
US8706621B2 (en) 2007-06-25 2014-04-22 Visa U.S.A., Inc. Secure checkout and challenge systems and methods
US8121956B2 (en) 2007-06-25 2012-02-21 Visa U.S.A. Inc. Cardless challenge systems and methods
US8589291B2 (en) 2007-06-25 2013-11-19 Visa U.S.A. Inc. System and method utilizing device information
US8606700B2 (en) 2007-06-25 2013-12-10 Visa U.S.A., Inc. Systems and methods for secure and transparent cardless transactions
US20080319896A1 (en) * 2007-06-25 2008-12-25 Mark Carlson Cardless challenge systems and methods
US20100036946A1 (en) * 2007-07-13 2010-02-11 Von Arx Kim System and process for providing online services
WO2009009859A1 (en) * 2007-07-13 2009-01-22 Von Arx Kim G System and method for providing online services using registered and individualised domain names
US20090031033A1 (en) * 2007-07-26 2009-01-29 International Business Machines Corporation System and Method for User to Verify a Network Resource Address is Trusted
US8769706B2 (en) 2007-07-26 2014-07-01 International Business Machines Corporation System and method for user to verify a network resource address is trusted
US20090037995A1 (en) * 2007-07-31 2009-02-05 Onesimo Zapata System and Method For Authentication Of Users In A Secure Computer System
US20120291113A1 (en) * 2007-07-31 2012-11-15 Keycorp System and Method for Authentication of Users in a Secure Computer System
US8683571B2 (en) * 2007-07-31 2014-03-25 Keycorp System and method for authentication of users in a secure computer system
US8230490B2 (en) 2007-07-31 2012-07-24 Keycorp System and method for authentication of users in a secure computer system
EP2043328A2 (en) 2007-09-26 2009-04-01 The 41st Parameter, Inc. Methods and apparatus for detecting fraud with time based computer tags
US20090083184A1 (en) * 2007-09-26 2009-03-26 Ori Eisen Methods and Apparatus for Detecting Fraud with Time Based Computer Tags
US9060012B2 (en) 2007-09-26 2015-06-16 The 41St Parameter, Inc. Methods and apparatus for detecting fraud with time based computer tags
US8635535B2 (en) 2007-10-16 2014-01-21 D&B Business Information Solutions Limited Third-party-secured zones on web pages
US8635536B2 (en) 2007-10-16 2014-01-21 D&B Business Information Solutions Limited Third-party-secured zones on web pages
US20090100505A1 (en) * 2007-10-16 2009-04-16 Trusted Partners, Inc. Third-party-secured zones on web pages
US20100251144A1 (en) * 2007-10-16 2010-09-30 Shachar Shaty Third-party-secured zones on web pages
US8683201B2 (en) 2007-10-16 2014-03-25 D&B Business Information Solutions Limited Third-party-secured zones on web pages
US20090138950A1 (en) * 2007-11-16 2009-05-28 Arcot Systems, Inc. Two-factor anti-phishing authentication systems and methods
US8510817B1 (en) * 2007-11-16 2013-08-13 Ca, Inc. Two-factor anti-phishing authentication systems and methods
US8015598B2 (en) 2007-11-16 2011-09-06 Arcot Systems, Inc. Two-factor anti-phishing authentication systems and methods
US9727813B2 (en) 2007-12-24 2017-08-08 Dynamics Inc. Credit, security, debit cards and the like with buttons
US10430704B2 (en) 2007-12-24 2019-10-01 Dynamics Inc. Payment cards and devices with displays, chips, RFIDs, magnetic emulators, magnetic encoders, and other components
US8485437B2 (en) 2007-12-24 2013-07-16 Dynamics Inc. Systems and methods for programmable payment cards and devices with loyalty-based payment applications
US9361569B2 (en) 2007-12-24 2016-06-07 Dynamics, Inc. Cards with serial magnetic emulators
US9547816B2 (en) 2007-12-24 2017-01-17 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using same
US9639796B2 (en) 2007-12-24 2017-05-02 Dynamics Inc. Cards and devices with magnetic emulators with zoning control and advanced interiors
US9684861B2 (en) 2007-12-24 2017-06-20 Dynamics Inc. Payment cards and devices with displays, chips, RFIDs, magnetic emulators, magnetic decoders, and other components
US11494606B2 (en) 2007-12-24 2022-11-08 Dynamics Inc. Cards and devices with magnetic emulators with zoning control and advanced interiors
US9697454B2 (en) 2007-12-24 2017-07-04 Dynamics Inc. Payment cards and devices with displays, chips, RFIDs, magnetic emulators, magnetic encoders, and other components
US8459548B2 (en) 2007-12-24 2013-06-11 Dynamics Inc. Payment cards and devices with gift card, global integration, and magnetic stripe reader communication functionality
US8424773B2 (en) 2007-12-24 2013-04-23 Dynamics Inc. Payment cards and devices with enhanced magnetic emulators
US9704088B2 (en) 2007-12-24 2017-07-11 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using same
US9704089B2 (en) 2007-12-24 2017-07-11 Dynamics Inc. Systems and methods for programmable payment cards and devices with loyalty-based payment applications
US9805297B2 (en) 2007-12-24 2017-10-31 Dynamics Inc. Systems and methods for programmable payment cards and devices with loyalty-based payment applications
US8517276B2 (en) 2007-12-24 2013-08-27 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using same
US8074877B2 (en) 2007-12-24 2011-12-13 Dynamics Inc. Systems and methods for programmable payment cards and devices with loyalty-based payment applications
US8413892B2 (en) 2007-12-24 2013-04-09 Dynamics Inc. Payment cards and devices with displays, chips, RFIDs, magnetic emulators, magnetic encoders, and other components
US10032100B2 (en) 2007-12-24 2018-07-24 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using same
US8020775B2 (en) 2007-12-24 2011-09-20 Dynamics Inc. Payment cards and devices with enhanced magnetic emulators
US10095974B1 (en) 2007-12-24 2018-10-09 Dynamics Inc. Payment cards and devices with displays, chips, RFIDs, magnetic emulators, magnetic encoders, and other components
US9010630B2 (en) 2007-12-24 2015-04-21 Dynamics Inc. Systems and methods for programmable payment cards and devices with loyalty-based payment applications
US11238329B2 (en) 2007-12-24 2022-02-01 Dynamics Inc. Payment cards and devices with gift card, global integration, and magnetic stripe reader communication functionality
US9004368B2 (en) 2007-12-24 2015-04-14 Dynamics Inc. Payment cards and devices with enhanced magnetic emulators
US10169692B2 (en) 2007-12-24 2019-01-01 Dynamics Inc. Credit, security, debit cards and the like with buttons
US8973824B2 (en) 2007-12-24 2015-03-10 Dynamics Inc. Cards and devices with magnetic emulators with zoning control and advanced interiors
US11062195B2 (en) 2007-12-24 2021-07-13 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using same
US10198687B2 (en) 2007-12-24 2019-02-05 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using same
US8382000B2 (en) 2007-12-24 2013-02-26 Dynamics Inc. Payment cards and devices with enhanced magnetic emulators
US11055600B2 (en) 2007-12-24 2021-07-06 Dynamics Inc. Cards with serial magnetic emulators
US10223631B2 (en) 2007-12-24 2019-03-05 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using same
US11037045B2 (en) 2007-12-24 2021-06-15 Dynamics Inc. Cards and devices with magnetic emulators with zoning control and advanced interiors
US7784687B2 (en) 2007-12-24 2010-08-31 Dynamics Inc. Payment cards and devices with displays, chips, RFIDS, magnetic emulators, magnetic decoders, and other components
US8286876B2 (en) 2007-12-24 2012-10-16 Dynamics Inc. Cards and devices with magnetic emulators and magnetic reader read-head detectors
US8608083B2 (en) 2007-12-24 2013-12-17 Dynamics Inc. Cards and devices with magnetic emulators with zoning control and advanced interiors
US10255545B2 (en) 2007-12-24 2019-04-09 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using same
US10997489B2 (en) 2007-12-24 2021-05-04 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using same
US8881989B2 (en) 2007-12-24 2014-11-11 Dynamics Inc. Cards and devices with magnetic emulators with zoning control and advanced interiors
US8875999B2 (en) 2007-12-24 2014-11-04 Dynamics Inc. Payment cards and devices with gift card, global integration, and magnetic stripe reader communication functionality
US8011577B2 (en) 2007-12-24 2011-09-06 Dynamics Inc. Payment cards and devices with gift card, global integration, and magnetic stripe reader communication functionality
US10325199B2 (en) 2007-12-24 2019-06-18 Dynamics Inc. Payment cards and devices with displays, chips, RFIDs, magnetic emulators, magentic decoders, and other components
US8302872B2 (en) 2007-12-24 2012-11-06 Dynamics Inc. Advanced dynamic credit cards
US8668143B2 (en) 2007-12-24 2014-03-11 Dynamics Inc. Payment cards and devices with gift card, global integration, and magnetic stripe reader communication functionality
US9384438B2 (en) 2007-12-24 2016-07-05 Dynamics, Inc. Cards with serial magnetic emulators
US10467521B2 (en) 2007-12-24 2019-11-05 Dynamics Inc. Payment cards and devices with gift card, global integration, and magnetic stripe reader communication functionality
US10496918B2 (en) 2007-12-24 2019-12-03 Dynamics Inc. Cards and devices with multifunction magnetic emulators and methods for using the same
US10579920B2 (en) 2007-12-24 2020-03-03 Dynamics Inc. Systems and methods for programmable payment cards and devices with loyalty-based payment applications
US8733638B2 (en) 2007-12-24 2014-05-27 Dynamics Inc. Payment cards and devices with displays, chips, RFIDs, magnetic emulators, magentic decoders, and other components
US20090193506A1 (en) * 2008-01-24 2009-07-30 Mcgrew David A Cryptographic peer discovery, authentication, and authorization for on-path signaling
US8122482B2 (en) 2008-01-24 2012-02-21 Cisco Technology, Inc. Cryptographic peer discovery, authentication, and authorization for on-path signaling
US8353016B1 (en) * 2008-02-29 2013-01-08 Adobe Systems Incorporated Secure portable store for security skins and authentication information
US9397988B2 (en) 2008-02-29 2016-07-19 Adobe Systems Incorporated Secure portable store for security skins and authentication information
US8555078B2 (en) 2008-02-29 2013-10-08 Adobe Systems Incorporated Relying party specifiable format for assertion provider token
US20090249445A1 (en) * 2008-03-27 2009-10-01 Sanjay Deshpande Authentication of Websites Based on Signature Matching
US8346662B2 (en) 2008-05-16 2013-01-01 Visa U.S.A. Inc. Desktop alert with interactive bona fide dispute initiation through chat session facilitated by desktop application
US20090287604A1 (en) * 2008-05-16 2009-11-19 Ayse Korgav Desktop alert with interactive bona fide dispute initiation through chat session facilitated by desktop application
US8055587B2 (en) * 2008-06-03 2011-11-08 International Business Machines Corporation Man in the middle computer technique
US8356345B2 (en) 2008-06-03 2013-01-15 International Business Machines Corporation Constructing a secure internet transaction
US20090299759A1 (en) * 2008-06-03 2009-12-03 International Business Machines Corporation Method and system for defeating the man in the middle computer hacking technique
US20090300749A1 (en) * 2008-06-03 2009-12-03 International Business Machines Corporation Method and system for defeating the man in the middle computer hacking technique
US20100004965A1 (en) * 2008-07-01 2010-01-07 Ori Eisen Systems and methods of sharing information through a tagless device consortium
US9390384B2 (en) 2008-07-01 2016-07-12 The 41 St Parameter, Inc. Systems and methods of sharing information through a tagless device consortium
US20100031048A1 (en) * 2008-08-04 2010-02-04 Jason David Koziol Data authenticator
US20100138338A1 (en) * 2008-09-24 2010-06-03 Ayman Hammad Intelligent alert system and method
US9325833B2 (en) 2008-09-25 2016-04-26 Visa International Service Association Systems and methods for sorting alert and offer messages on a mobile device
US9071463B2 (en) 2008-09-25 2015-06-30 Visa International Service Association Systems and methods for sorting alert and offer messages on a mobile device
US8396455B2 (en) 2008-09-25 2013-03-12 Visa International Service Association Systems and methods for sorting alert and offer messages on a mobile device
US9898740B2 (en) 2008-11-06 2018-02-20 Visa International Service Association Online challenge-response
US8533118B2 (en) 2008-11-06 2013-09-10 Visa International Service Association Online challenge-response
US8762279B2 (en) 2008-11-06 2014-06-24 Visa International Service Association Online challenge-response
US8579203B1 (en) 2008-12-19 2013-11-12 Dynamics Inc. Electronic magnetic recorded media emulators in magnetic card devices
US8931703B1 (en) 2009-03-16 2015-01-13 Dynamics Inc. Payment cards and devices for displaying barcodes
US10616201B2 (en) 2009-03-25 2020-04-07 The 41St Parameter, Inc. Systems and methods of sharing information through a tag-based consortium
US9948629B2 (en) 2009-03-25 2018-04-17 The 41St Parameter, Inc. Systems and methods of sharing information through a tag-based consortium
US11750584B2 (en) 2009-03-25 2023-09-05 The 41St Parameter, Inc. Systems and methods of sharing information through a tag-based consortium
US9112850B1 (en) 2009-03-25 2015-08-18 The 41St Parameter, Inc. Systems and methods of sharing information through a tag-based consortium
US8172148B1 (en) 2009-04-06 2012-05-08 Dynamics Inc. Cards and assemblies with user interfaces
US8066191B1 (en) 2009-04-06 2011-11-29 Dynamics Inc. Cards and assemblies with user interfaces
US9329619B1 (en) 2009-04-06 2016-05-03 Dynamics Inc. Cards with power management
US8757499B2 (en) 2009-04-06 2014-06-24 Dynamics Inc. Laminated cards with manual input interfaces
US8282007B1 (en) 2009-04-06 2012-10-09 Dynamics Inc. Laminated cards with manual input interfaces
US10948964B1 (en) 2009-04-06 2021-03-16 Dynamics Inc. Cards with power management
US8590796B1 (en) 2009-04-06 2013-11-26 Dynamics Inc. Cards having dynamic magnetic stripe communication devices fabricated from multiple boards
US10176419B1 (en) 2009-04-06 2019-01-08 Dynamics Inc. Cards and assemblies with user interfaces
US9928456B1 (en) 2009-04-06 2018-03-27 Dynamics Inc. Cards and assemblies with user interfaces
US8622309B1 (en) 2009-04-06 2014-01-07 Dynamics Inc. Payment cards and devices with budgets, parental controls, and virtual accounts
US8903735B2 (en) 2009-04-16 2014-12-02 Visa International Service Association System and method for pushing advanced warning alerts
US20100268696A1 (en) * 2009-04-16 2010-10-21 Brad Nightengale Advanced Warning
US8380569B2 (en) 2009-04-16 2013-02-19 Visa International Service Association, Inc. Method and system for advanced warning alerts using advanced identification system for identifying fraud detection and reporting
US20100274572A1 (en) * 2009-04-28 2010-10-28 Ayman Hammad Alert architecture
US10387885B2 (en) 2009-04-28 2019-08-20 Visa International Service Association SKU level control and alerts
US20100287250A1 (en) * 2009-04-28 2010-11-11 Mark Carlson Merchant Alert Based System and Method Including Customer Presence Notification
US10552842B2 (en) 2009-04-28 2020-02-04 Visa International Service Association SKU level control and alerts
US20100299249A1 (en) * 2009-04-28 2010-11-25 Mark Carlson Sku level control and alerts
US9710802B2 (en) 2009-04-28 2017-07-18 Visa International Service Association Merchant competition alert
US9449327B2 (en) 2009-04-28 2016-09-20 Visa International Service Association Merchant alert based system and method including customer presence notification
US9542675B2 (en) 2009-04-28 2017-01-10 Visa International Service Association Alert architecture
US10380571B2 (en) 2009-04-28 2019-08-13 Visa International Service Association Merchant alert based system and method including customer presence notification
US10748149B2 (en) 2009-04-28 2020-08-18 Visa International Service Association Alert architecture
US8195818B2 (en) * 2009-06-22 2012-06-05 Oracle International Corporation Enforcing communication security for selected resources
US20100325294A1 (en) * 2009-06-22 2010-12-23 Oracle International Corporation Enforcing communication security for selected resources
US8393545B1 (en) 2009-06-23 2013-03-12 Dynamics Inc. Cards deployed with inactivated products for activation
US11144909B1 (en) 2009-06-23 2021-10-12 Dynamics Inc. Cards deployed with inactivated products for activation
US9064255B1 (en) 2009-06-23 2015-06-23 Dynamics Inc. Cards deployed with inactivated products for activation
US8757483B1 (en) 2009-06-23 2014-06-24 Dynamics Inc. Cards deployed with inactivated products for activation
US8511574B1 (en) 2009-08-17 2013-08-20 Dynamics Inc. Advanced loyalty applications for powered cards and devices
US11003970B1 (en) 2009-08-17 2021-05-11 Dynamics Inc. Advanced loyalty applications for powered cards and devices
US9852368B1 (en) 2009-08-17 2017-12-26 Dynamics Inc. Advanced loyalty applications for powered cards and devices
US9953255B1 (en) 2009-08-17 2018-04-24 Dynamics Inc. Advanced loyalty applications for powered cards and devices
US9306666B1 (en) 2009-10-08 2016-04-05 Dynamics Inc. Programming protocols for powered cards and devices
US8727219B1 (en) 2009-10-12 2014-05-20 Dynamics Inc. Magnetic stripe track signal having multiple communications channels
US9292843B1 (en) 2009-10-20 2016-03-22 Dynamics Inc. Advanced payment options for powered cards and devices
US10181097B1 (en) 2009-10-20 2019-01-15 Dynamics Inc. Advanced payment options for powered cards and devices
US8814050B1 (en) 2009-10-20 2014-08-26 Dynamics Inc. Advanced payment options for powered cards and devices
US8523059B1 (en) 2009-10-20 2013-09-03 Dynamics Inc. Advanced payment options for powered cards and devices
US9652436B1 (en) 2009-10-25 2017-05-16 Dynamics Inc. Games, prizes, and entertainment for powered cards and devices
US8393546B1 (en) 2009-10-25 2013-03-12 Dynamics Inc. Games, prizes, and entertainment for powered cards and devices
US9373069B2 (en) 2010-02-16 2016-06-21 Dynamics Inc. Systems and methods for drive circuits for dynamic magnetic stripe communications devices
US8602312B2 (en) 2010-02-16 2013-12-10 Dynamics Inc. Systems and methods for drive circuits for dynamic magnetic stripe communications devices
US9875437B2 (en) 2010-02-16 2018-01-23 Dynamics Inc. Systems and methods for drive circuits for dynamic magnetic stripe communications devices
US8348172B1 (en) 2010-03-02 2013-01-08 Dynamics Inc. Systems and methods for detection mechanisms for magnetic cards and devices
US8573503B1 (en) 2010-03-02 2013-11-05 Dynamics Inc. Systems and methods for detection mechanisms for magnetic cards and devices
US10482363B1 (en) 2010-03-02 2019-11-19 Dynamics Inc. Systems and methods for detection mechanisms for magnetic cards and devices
US8746579B1 (en) 2010-03-02 2014-06-10 Dynamics Inc. Systems and methods for detection mechanisms for magnetic cards and devices
US20110225629A1 (en) * 2010-03-15 2011-09-15 F2Ware Inc. CAPTCHA (Completely Automated Public Test to Tell Computers and Humans Apart) Management Methods and Systems
US10693263B1 (en) 2010-03-16 2020-06-23 Dynamics Inc. Systems and methods for audio connectors for powered cards and devices
US8984604B2 (en) 2010-05-07 2015-03-17 Blackberry Limited Locally stored phishing countermeasure
US11120427B2 (en) 2010-05-18 2021-09-14 Dynamics Inc. Systems and methods for cards and devices operable to communicate via light pulsing
US10504105B2 (en) 2010-05-18 2019-12-10 Dynamics Inc. Systems and methods for cards and devices operable to communicate to touch sensitive displays
US8226001B1 (en) 2010-06-23 2012-07-24 Fiteq, Inc. Method for broadcasting a magnetic stripe data packet from an electronic smart card
US8317103B1 (en) 2010-06-23 2012-11-27 FiTeq Method for broadcasting a magnetic stripe data packet from an electronic smart card
USD652867S1 (en) 2010-07-02 2012-01-24 Dynamics Inc. Multiple button interactive electronic card
USD670759S1 (en) 2010-07-02 2012-11-13 Dynamics Inc. Multiple button interactive electronic card with light sources
USD652075S1 (en) 2010-07-02 2012-01-10 Dynamics Inc. Multiple button interactive electronic card
USD674013S1 (en) 2010-07-02 2013-01-08 Dynamics Inc. Multiple button interactive electronic card with light sources
USD652448S1 (en) 2010-07-02 2012-01-17 Dynamics Inc. Multiple button interactive electronic card
USD652449S1 (en) 2010-07-02 2012-01-17 Dynamics Inc. Multiple button interactive electronic card
USD687094S1 (en) 2010-07-02 2013-07-30 Dynamics Inc. Multiple button interactive electronic card with light sources
USD672389S1 (en) 2010-07-02 2012-12-11 Dynamics Inc. Multiple button interactive electronic card with light sources
USD653288S1 (en) 2010-07-09 2012-01-31 Dynamics Inc. Multiple button interactive electronic card
USD792511S1 (en) 2010-07-09 2017-07-18 Dynamics Inc. Display with font
USD652450S1 (en) 2010-07-09 2012-01-17 Dynamics Inc. Multiple button interactive electronic card
USD665022S1 (en) 2010-07-09 2012-08-07 Dynamics Inc. Multiple button interactive electronic card with light source
USD651644S1 (en) 2010-07-09 2012-01-03 Dynamics Inc. Interactive electronic card with display
USD792513S1 (en) 2010-07-09 2017-07-18 Dynamics Inc. Display with font
USD643063S1 (en) 2010-07-09 2011-08-09 Dynamics Inc. Interactive electronic card with display
USD792512S1 (en) 2010-07-09 2017-07-18 Dynamics Inc. Display with font
USD666241S1 (en) 2010-07-09 2012-08-28 Dynamics Inc. Multiple button interactive electronic card with light source
USD665447S1 (en) 2010-07-09 2012-08-14 Dynamics Inc. Multiple button interactive electronic card with light source and display
USD651238S1 (en) 2010-07-09 2011-12-27 Dynamics Inc. Interactive electronic card with display
USD651237S1 (en) 2010-07-09 2011-12-27 Dynamics Inc. Interactive electronic card with display
USD652076S1 (en) 2010-07-09 2012-01-10 Dynamics Inc. Multiple button interactive electronic card with display
US8322623B1 (en) 2010-07-26 2012-12-04 Dynamics Inc. Systems and methods for advanced card printing
US10055614B1 (en) 2010-08-12 2018-08-21 Dynamics Inc. Systems and methods for advanced detection mechanisms for magnetic cards and devices
US9053398B1 (en) 2010-08-12 2015-06-09 Dynamics Inc. Passive detection mechanisms for magnetic cards and devices
US10022884B1 (en) 2010-10-15 2018-07-17 Dynamics Inc. Systems and methods for alignment techniques for magnetic cards and devices
US9754256B2 (en) 2010-10-19 2017-09-05 The 41St Parameter, Inc. Variable risk engine
US8561894B1 (en) 2010-10-20 2013-10-22 Dynamics Inc. Powered cards and devices designed, programmed, and deployed from a kiosk
US9646240B1 (en) 2010-11-05 2017-05-09 Dynamics Inc. Locking features for powered cards and devices
US8567679B1 (en) 2011-01-23 2013-10-29 Dynamics Inc. Cards and devices with embedded holograms
US9721201B1 (en) 2011-01-23 2017-08-01 Dynamics Inc. Cards and devices with embedded holograms
US8944333B1 (en) 2011-01-23 2015-02-03 Dynamics Inc. Cards and devices with embedded holograms
US10176423B1 (en) 2011-01-23 2019-01-08 Dynamics Inc. Cards and devices with embedded holograms
US10095970B1 (en) 2011-01-31 2018-10-09 Dynamics Inc. Cards including anti-skimming devices
US9818125B2 (en) 2011-02-16 2017-11-14 Dynamics Inc. Systems and methods for information exchange mechanisms for powered cards and devices
US9836680B1 (en) 2011-03-03 2017-12-05 Dynamics Inc. Systems and methods for advanced communication mechanisms for magnetic cards and devices
US10990867B1 (en) 2011-03-03 2021-04-27 Dynamics Inc. Systems and methods for advanced communication mechanisms for magnetic cards and devices
US8485446B1 (en) 2011-03-28 2013-07-16 Dynamics Inc. Shielded magnetic stripe for magnetic cards and devices
US11100431B2 (en) 2011-05-10 2021-08-24 Dynamics Inc. Systems and methods for mobile authorizations
US11501217B2 (en) 2011-05-10 2022-11-15 Dynamics Inc. Systems and methods for a mobile electronic wallet
USD670331S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive display card
USD670332S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive card
USD670330S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive card
USD676904S1 (en) 2011-05-12 2013-02-26 Dynamics Inc. Interactive display card
USD670329S1 (en) 2011-05-12 2012-11-06 Dynamics Inc. Interactive display card
US8628022B1 (en) 2011-05-23 2014-01-14 Dynamics Inc. Systems and methods for sensor mechanisms for magnetic cards and devices
US9349089B1 (en) 2011-05-23 2016-05-24 Dynamics Inc. Systems and methods for sensor mechanisms for magnetic cards and devices
US9881245B1 (en) 2011-05-23 2018-01-30 Dynamics Inc. Systems and methods for sensor mechanisms for magnetic cards and devices
US10936926B1 (en) 2011-05-23 2021-03-02 Dynamics Inc. Systems and methods for sensor mechanisms for magnetic cards and devices
US8827153B1 (en) 2011-07-18 2014-09-09 Dynamics Inc. Systems and methods for waveform generation for dynamic magnetic stripe communications devices
US11551046B1 (en) 2011-10-19 2023-01-10 Dynamics Inc. Stacked dynamic magnetic stripe commmunications device for magnetic cards and devices
US11409971B1 (en) 2011-10-23 2022-08-09 Dynamics Inc. Programming and test modes for powered cards and devices
US11314838B2 (en) 2011-11-15 2022-04-26 Tapad, Inc. System and method for analyzing user device information
US9619741B1 (en) 2011-11-21 2017-04-11 Dynamics Inc. Systems and methods for synchronization mechanisms for magnetic cards and devices
US8960545B1 (en) 2011-11-21 2015-02-24 Dynamics Inc. Data modification for magnetic cards and devices
US10169693B1 (en) 2011-11-21 2019-01-01 Dynamics Inc. Data modification for magnetic cards and devices
US10062024B1 (en) 2012-02-03 2018-08-28 Dynamics Inc. Systems and methods for spike suppression for dynamic magnetic stripe communications devices
US9710745B1 (en) 2012-02-09 2017-07-18 Dynamics Inc. Systems and methods for automated assembly of dynamic magnetic stripe communications devices
US8888009B1 (en) 2012-02-14 2014-11-18 Dynamics Inc. Systems and methods for extended stripe mechanisms for magnetic cards and devices
US9916992B2 (en) 2012-02-20 2018-03-13 Dynamics Inc. Systems and methods for flexible components for powered cards and devices
US11010468B1 (en) 2012-03-01 2021-05-18 The 41St Parameter, Inc. Methods and systems for fraud containment
US9633201B1 (en) 2012-03-01 2017-04-25 The 41St Parameter, Inc. Methods and systems for fraud containment
US11886575B1 (en) 2012-03-01 2024-01-30 The 41St Parameter, Inc. Methods and systems for fraud containment
US8800004B2 (en) 2012-03-21 2014-08-05 Gary Martin SHANNON Computerized authorization system and method
US11223610B2 (en) 2012-03-21 2022-01-11 Arctran Holdings Inc. Computerized authorization system and method
US8719907B2 (en) 2012-03-21 2014-05-06 Gary Martin SHANNON Computerized authorization system and method
US10021099B2 (en) 2012-03-22 2018-07-10 The 41st Paramter, Inc. Methods and systems for persistent cross-application mobile device identification
US11683306B2 (en) 2012-03-22 2023-06-20 The 41St Parameter, Inc. Methods and systems for persistent cross-application mobile device identification
US10341344B2 (en) 2012-03-22 2019-07-02 The 41St Parameter, Inc. Methods and systems for persistent cross-application mobile device identification
US10862889B2 (en) 2012-03-22 2020-12-08 The 41St Parameter, Inc. Methods and systems for persistent cross application mobile device identification
US9521551B2 (en) 2012-03-22 2016-12-13 The 41St Parameter, Inc. Methods and systems for persistent cross-application mobile device identification
US9734669B1 (en) 2012-04-02 2017-08-15 Dynamics Inc. Cards, devices, systems, and methods for advanced payment game of skill and game of chance functionality
US10904222B2 (en) 2012-04-13 2021-01-26 Ologn Technologies Ag Secure zone for digital communications
US10484338B2 (en) 2012-04-13 2019-11-19 Ologn Technologies Ag Secure zone for digital communications
US11418483B1 (en) 2012-04-19 2022-08-16 Dynamics Inc. Cards, devices, systems, and methods for zone-based network management
US11201869B2 (en) 2012-04-20 2021-12-14 Ologn Technologies Ag Secure zone for secure purchases
US10270776B2 (en) * 2012-04-20 2019-04-23 Ologn Technologies Ag Secure zone for secure transactions
US10395156B1 (en) 2012-05-15 2019-08-27 Dynamics Inc. Cards, devices, systems, methods and dynamic security codes
US9033218B1 (en) 2012-05-15 2015-05-19 Dynamics Inc. Cards, devices, systems, methods and dynamic security codes
US9064195B2 (en) 2012-06-29 2015-06-23 Dynamics Inc. Multiple layer card circuit boards
US11301860B2 (en) 2012-08-02 2022-04-12 The 41St Parameter, Inc. Systems and methods for accessing records via derivative locators
US10417637B2 (en) 2012-08-02 2019-09-17 The 41St Parameter, Inc. Systems and methods for accessing records via derivative locators
USD729870S1 (en) 2012-08-27 2015-05-19 Dynamics Inc. Interactive electronic card with display and button
USD695636S1 (en) 2012-08-27 2013-12-17 Dynamics Inc. Interactive electronic card with display and buttons
USD673606S1 (en) 2012-08-27 2013-01-01 Dynamics Inc. Interactive electronic card with display and buttons
USD687487S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with display and button
USD687490S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with display and button
USD687488S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with buttons
USD730438S1 (en) 2012-08-27 2015-05-26 Dynamics Inc. Interactive electronic card with display and button
USD692053S1 (en) 2012-08-27 2013-10-22 Dynamics Inc. Interactive electronic card with display and button
USD729869S1 (en) 2012-08-27 2015-05-19 Dynamics Inc. Interactive electronic card with display and button
USD687095S1 (en) 2012-08-27 2013-07-30 Dynamics Inc. Interactive electronic card with buttons
USD694322S1 (en) 2012-08-27 2013-11-26 Dynamics Inc. Interactive electronic card with display buttons
USD688744S1 (en) 2012-08-27 2013-08-27 Dynamics Inc. Interactive electronic card with display and button
USD730439S1 (en) 2012-08-27 2015-05-26 Dynamics Inc. Interactive electronic card with buttons
USD675256S1 (en) 2012-08-27 2013-01-29 Dynamics Inc. Interactive electronic card with display and button
USD729871S1 (en) 2012-08-27 2015-05-19 Dynamics Inc. Interactive electronic card with display and buttons
USD687489S1 (en) 2012-08-27 2013-08-06 Dynamics Inc. Interactive electronic card with buttons
USD828870S1 (en) 2012-08-27 2018-09-18 Dynamics Inc. Display card
USD687887S1 (en) 2012-08-27 2013-08-13 Dynamics Inc. Interactive electronic card with buttons
USD676487S1 (en) 2012-08-27 2013-02-19 Dynamics Inc. Interactive electronic card with display and buttons
US8949935B2 (en) 2012-09-20 2015-02-03 Apple Inc. Secure account creation
US11126997B1 (en) 2012-10-02 2021-09-21 Dynamics Inc. Cards, devices, systems, and methods for a fulfillment system
US9010647B2 (en) 2012-10-29 2015-04-21 Dynamics Inc. Multiple sensor detector systems and detection methods of magnetic cards and devices
US10922597B1 (en) 2012-11-05 2021-02-16 Dynamics Inc. Dynamic magnetic stripe communications device with beveled magnetic material for magnetic cards and devices
US9659246B1 (en) 2012-11-05 2017-05-23 Dynamics Inc. Dynamic magnetic stripe communications device with beveled magnetic material for magnetic cards and devices
US11410179B2 (en) 2012-11-14 2022-08-09 The 41St Parameter, Inc. Systems and methods of global identification
US9990631B2 (en) 2012-11-14 2018-06-05 The 41St Parameter, Inc. Systems and methods of global identification
US10395252B2 (en) 2012-11-14 2019-08-27 The 41St Parameter, Inc. Systems and methods of global identification
US10853813B2 (en) 2012-11-14 2020-12-01 The 41St Parameter, Inc. Systems and methods of global identification
US9010644B1 (en) 2012-11-30 2015-04-21 Dynamics Inc. Dynamic magnetic stripe communications device with stepped magnetic material for magnetic cards and devices
US10311349B1 (en) 2012-11-30 2019-06-04 Dynamics Inc. Dynamic magnetic stripe communications device with stepped magnetic material for magnetic cards and devices
US9646750B1 (en) 2012-11-30 2017-05-09 Dynamics Inc. Dynamic magnetic stripe communications device with stepped magnetic material for magnetic cards and devices
US11023796B1 (en) 2012-11-30 2021-06-01 Dynamics Inc. Dynamic magnetic stripe communications device with stepped magnetic material for magnetic cards and devices
US10949627B2 (en) 2012-12-20 2021-03-16 Dynamics Inc. Systems and methods for non-time smearing detection mechanisms for magnetic cards and devices
USD750166S1 (en) 2013-03-04 2016-02-23 Dynamics Inc. Interactive electronic card with display and buttons
USD750168S1 (en) 2013-03-04 2016-02-23 Dynamics Inc. Interactive electronic card with display and button
USD750167S1 (en) 2013-03-04 2016-02-23 Dynamics Inc. Interactive electronic card with buttons
USD765174S1 (en) 2013-03-04 2016-08-30 Dynamics Inc. Interactive electronic card with button
USD765173S1 (en) 2013-03-04 2016-08-30 Dynamics Inc. Interactive electronic card with display and button
USD751640S1 (en) 2013-03-04 2016-03-15 Dynamics Inc. Interactive electronic card with display and button
USD751639S1 (en) 2013-03-04 2016-03-15 Dynamics Inc. Interactive electronic card with display and button
USD777252S1 (en) 2013-03-04 2017-01-24 Dynamics Inc. Interactive electronic card with buttons
USD764584S1 (en) 2013-03-04 2016-08-23 Dynamics Inc. Interactive electronic card with buttons
US11176546B2 (en) 2013-03-15 2021-11-16 Ologn Technologies Ag Systems, methods and apparatuses for securely storing and providing payment information
US11763301B2 (en) 2013-03-15 2023-09-19 Ologn Technologies Ag Systems, methods and apparatuses for securely storing and providing payment information
US9972013B2 (en) 2013-08-15 2018-05-15 Mastercard International Incorporated Internet site authentication with payments authorization data
US11657299B1 (en) 2013-08-30 2023-05-23 The 41St Parameter, Inc. System and method for device identification and uniqueness
US10902327B1 (en) 2013-08-30 2021-01-26 The 41St Parameter, Inc. System and method for device identification and uniqueness
USD767024S1 (en) 2013-09-10 2016-09-20 Dynamics Inc. Interactive electronic card with contact connector
USD737373S1 (en) 2013-09-10 2015-08-25 Dynamics Inc. Interactive electronic card with contact connector
US10108891B1 (en) 2014-03-21 2018-10-23 Dynamics Inc. Exchange coupled amorphous ribbons for electronic stripes
US11062188B1 (en) 2014-03-21 2021-07-13 Dynamics Inc Exchange coupled amorphous ribbons for electronic stripes
US11240326B1 (en) 2014-10-14 2022-02-01 The 41St Parameter, Inc. Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups
US10728350B1 (en) 2014-10-14 2020-07-28 The 41St Parameter, Inc. Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups
US10091312B1 (en) 2014-10-14 2018-10-02 The 41St Parameter, Inc. Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups
US11895204B1 (en) 2014-10-14 2024-02-06 The 41St Parameter, Inc. Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups
US10032049B2 (en) 2016-02-23 2018-07-24 Dynamics Inc. Magnetic cards and devices for motorized readers
US11645377B1 (en) * 2017-08-17 2023-05-09 Walgreen Co. Online authentication and security management using device-based identification
US20220027934A1 (en) * 2018-11-16 2022-01-27 Comenity Llc Automatically aggregating, evaluating, and providing a contextually relevant offer
US11164206B2 (en) * 2018-11-16 2021-11-02 Comenity Llc Automatically aggregating, evaluating, and providing a contextually relevant offer
US11847668B2 (en) * 2018-11-16 2023-12-19 Bread Financial Payments, Inc. Automatically aggregating, evaluating, and providing a contextually relevant offer
US11924242B2 (en) * 2021-01-25 2024-03-05 Huawei Technologies Co., Ltd. Fraud prevention via distinctive URL display
US11922423B2 (en) 2022-06-30 2024-03-05 The 41St Parameter, Inc. Systems and methods of global identification

Also Published As

Publication number Publication date
US20040168083A1 (en) 2004-08-26
CA2525121A1 (en) 2004-11-25
AU2004239738A1 (en) 2004-11-25
EP1625690A4 (en) 2007-05-09
AU2004239738B2 (en) 2008-04-24
JP2006525563A (en) 2006-11-09
DE602004012996D1 (en) 2008-05-21
EP1625690B1 (en) 2008-04-09
ATE391951T1 (en) 2008-04-15
DE602004012996T2 (en) 2009-05-28
WO2004102338A3 (en) 2005-01-27
EP1625690A2 (en) 2006-02-15
US20060288213A1 (en) 2006-12-21
US7346775B2 (en) 2008-03-18
WO2004102338A2 (en) 2004-11-25

Similar Documents

Publication Publication Date Title
US7100049B2 (en) Method and apparatus for authentication of users and web sites
US7730321B2 (en) System and method for authentication of users and communications received from computer systems
US9900163B2 (en) Facilitating secure online transactions
US7562222B2 (en) System and method for authenticating entities to users
EP1719283B1 (en) Method and apparatus for authentication of users and communications received from computer systems
CN101495956B (en) Extended one-time password method and apparatus
US20100217975A1 (en) Method and system for secure online transactions with message-level validation
US20080052245A1 (en) Advanced multi-factor authentication methods
US20080077791A1 (en) System and method for secured network access
US20070067620A1 (en) Systems and methods for third-party authentication
EP2070248B1 (en) System and method for facilitating secure online transactions
WO2008024362A9 (en) Advanced multi-factor authentication methods
WO2007030517A2 (en) Systems and methods for third-party authentication
WO2005094264A2 (en) Method and apparatus for authenticating entities by non-registered users
Bhattacharya User Authentication in Cloud Computing-Using Seed Chain Based One Time Password (OTP)

Legal Events

Date Code Title Description
AS Assignment

Owner name: PASSMARK SECURITY, LLC, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:GASPARINI, LOUIS A.;GOTLIEB, CHARLES E.;REEL/FRAME:014535/0942;SIGNING DATES FROM 20040419 TO 20040420

STCF Information on status: patent grant

Free format text: PATENTED CASE

AS Assignment

Owner name: RSA SECURITY INC., MASSACHUSETTS

Free format text: MERGER;ASSIGNOR:PASSMARK SECURITY, INC., A DELAWARE CORPORATION;REEL/FRAME:018481/0964

Effective date: 20060424

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

AS Assignment

Owner name: RSA SECURITY HOLDING, INC.,MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RSA SECURITY LLC;REEL/FRAME:023824/0729

Effective date: 20091222

Owner name: EMC CORPORATION,MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RSA SECURITY HOLDING, INC.;REEL/FRAME:023825/0109

Effective date: 20091231

Owner name: RSA SECURITY HOLDING, INC., MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RSA SECURITY LLC;REEL/FRAME:023824/0729

Effective date: 20091222

Owner name: EMC CORPORATION, MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RSA SECURITY HOLDING, INC.;REEL/FRAME:023825/0109

Effective date: 20091231

AS Assignment

Owner name: RSA SECURITY LLC,MASSACHUSETTS

Free format text: MERGER;ASSIGNOR:RSA SECURITY INC;REEL/FRAME:023852/0644

Effective date: 20091221

Owner name: RSA SECURITY LLC, MASSACHUSETTS

Free format text: MERGER;ASSIGNOR:RSA SECURITY INC;REEL/FRAME:023852/0644

Effective date: 20091221

AS Assignment

Owner name: EMC CORPORATION,MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RSA SECURITY HOLDING, INC.;REEL/FRAME:023975/0151

Effective date: 20091231

Owner name: RSA SECURITY HOLDING, INC.,MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RSA SECURITY LLC;REEL/FRAME:023975/0453

Effective date: 20091222

Owner name: EMC CORPORATION, MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RSA SECURITY HOLDING, INC.;REEL/FRAME:023975/0151

Effective date: 20091231

Owner name: RSA SECURITY HOLDING, INC., MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:RSA SECURITY LLC;REEL/FRAME:023975/0453

Effective date: 20091222

FPAY Fee payment

Year of fee payment: 4

FEPP Fee payment procedure

Free format text: PAYER NUMBER DE-ASSIGNED (ORIGINAL EVENT CODE: RMPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FPAY Fee payment

Year of fee payment: 8

AS Assignment

Owner name: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT, TEXAS

Free format text: SECURITY AGREEMENT;ASSIGNORS:ASAP SOFTWARE EXPRESS, INC.;AVENTAIL LLC;CREDANT TECHNOLOGIES, INC.;AND OTHERS;REEL/FRAME:040136/0001

Effective date: 20160907

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLATERAL AGENT, NORTH CAROLINA

Free format text: SECURITY AGREEMENT;ASSIGNORS:ASAP SOFTWARE EXPRESS, INC.;AVENTAIL LLC;CREDANT TECHNOLOGIES, INC.;AND OTHERS;REEL/FRAME:040134/0001

Effective date: 20160907

Owner name: CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH, AS COLLAT

Free format text: SECURITY AGREEMENT;ASSIGNORS:ASAP SOFTWARE EXPRESS, INC.;AVENTAIL LLC;CREDANT TECHNOLOGIES, INC.;AND OTHERS;REEL/FRAME:040134/0001

Effective date: 20160907

Owner name: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., A

Free format text: SECURITY AGREEMENT;ASSIGNORS:ASAP SOFTWARE EXPRESS, INC.;AVENTAIL LLC;CREDANT TECHNOLOGIES, INC.;AND OTHERS;REEL/FRAME:040136/0001

Effective date: 20160907

AS Assignment

Owner name: EMC IP HOLDING COMPANY LLC, MASSACHUSETTS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:EMC CORPORATION;REEL/FRAME:040203/0001

Effective date: 20160906

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553)

Year of fee payment: 12

AS Assignment

Owner name: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., T

Free format text: SECURITY AGREEMENT;ASSIGNORS:CREDANT TECHNOLOGIES, INC.;DELL INTERNATIONAL L.L.C.;DELL MARKETING L.P.;AND OTHERS;REEL/FRAME:049452/0223

Effective date: 20190320

Owner name: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., TEXAS

Free format text: SECURITY AGREEMENT;ASSIGNORS:CREDANT TECHNOLOGIES, INC.;DELL INTERNATIONAL L.L.C.;DELL MARKETING L.P.;AND OTHERS;REEL/FRAME:049452/0223

Effective date: 20190320

AS Assignment

Owner name: THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., TEXAS

Free format text: SECURITY AGREEMENT;ASSIGNORS:CREDANT TECHNOLOGIES INC.;DELL INTERNATIONAL L.L.C.;DELL MARKETING L.P.;AND OTHERS;REEL/FRAME:053546/0001

Effective date: 20200409

AS Assignment

Owner name: WYSE TECHNOLOGY L.L.C., CALIFORNIA

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: SCALEIO LLC, MASSACHUSETTS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: MOZY, INC., WASHINGTON

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: MAGINATICS LLC, CALIFORNIA

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: FORCE10 NETWORKS, INC., CALIFORNIA

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: EMC IP HOLDING COMPANY LLC, TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: EMC CORPORATION, MASSACHUSETTS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: DELL SYSTEMS CORPORATION, TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: DELL SOFTWARE INC., CALIFORNIA

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: DELL PRODUCTS L.P., TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: DELL MARKETING L.P., TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: DELL INTERNATIONAL, L.L.C., TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: DELL USA L.P., TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: CREDANT TECHNOLOGIES, INC., TEXAS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: AVENTAIL LLC, CALIFORNIA

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

Owner name: ASAP SOFTWARE EXPRESS, INC., ILLINOIS

Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:CREDIT SUISSE AG, CAYMAN ISLANDS BRANCH;REEL/FRAME:058216/0001

Effective date: 20211101

AS Assignment

Owner name: SCALEIO LLC, MASSACHUSETTS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date: 20220329

Owner name: EMC IP HOLDING COMPANY LLC (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MOZY, INC.), TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date: 20220329

Owner name: EMC CORPORATION (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MAGINATICS LLC), MASSACHUSETTS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date: 20220329

Owner name: DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date: 20220329

Owner name: DELL PRODUCTS L.P., TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date: 20220329

Owner name: DELL INTERNATIONAL L.L.C., TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date: 20220329

Owner name: DELL USA L.P., TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date: 20220329

Owner name: DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.), TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date: 20220329

Owner name: DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.), TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (040136/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061324/0001

Effective date: 20220329

AS Assignment

Owner name: SCALEIO LLC, MASSACHUSETTS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date: 20220329

Owner name: EMC IP HOLDING COMPANY LLC (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MOZY, INC.), TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date: 20220329

Owner name: EMC CORPORATION (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO MAGINATICS LLC), MASSACHUSETTS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date: 20220329

Owner name: DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO FORCE10 NETWORKS, INC. AND WYSE TECHNOLOGY L.L.C.), TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date: 20220329

Owner name: DELL PRODUCTS L.P., TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date: 20220329

Owner name: DELL INTERNATIONAL L.L.C., TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date: 20220329

Owner name: DELL USA L.P., TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date: 20220329

Owner name: DELL MARKETING L.P. (ON BEHALF OF ITSELF AND AS SUCCESSOR-IN-INTEREST TO CREDANT TECHNOLOGIES, INC.), TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date: 20220329

Owner name: DELL MARKETING CORPORATION (SUCCESSOR-IN-INTEREST TO ASAP SOFTWARE EXPRESS, INC.), TEXAS

Free format text: RELEASE OF SECURITY INTEREST IN PATENTS PREVIOUSLY RECORDED AT REEL/FRAME (045455/0001);ASSIGNOR:THE BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS NOTES COLLATERAL AGENT;REEL/FRAME:061753/0001

Effective date: 20220329